From b113c7d3241f696147fc9ae6248cab56079a1f77 Mon Sep 17 00:00:00 2001
From: Valerij Fredriksen <valerijf@vespa.ai>
Date: Fri, 17 Jan 2025 14:52:54 +0100
Subject: [PATCH] Use default trust store in PanicClient

---
 .../vespa/athenz/identity/SiaIdentityProvider.java     | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
index 085e9973caba..df92ee2b5fe2 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identity/SiaIdentityProvider.java
@@ -1,13 +1,13 @@
 // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.athenz.identity;
 
-import com.yahoo.component.annotation.Inject;
 import com.yahoo.component.AbstractComponent;
+import com.yahoo.component.annotation.Inject;
+import com.yahoo.security.AutoReloadingX509KeyManager;
 import com.yahoo.security.SslContextBuilder;
 import com.yahoo.security.TrustManagerUtils;
 import com.yahoo.security.X509CertificateUtils;
 import com.yahoo.security.X509CertificateWithKey;
-import com.yahoo.security.AutoReloadingX509KeyManager;
 import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.utils.SiaUtils;
@@ -17,10 +17,8 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-
 import java.security.cert.X509Certificate;
 import java.util.List;
-
 import java.util.stream.Stream;
 
 /**
@@ -79,8 +77,8 @@ public SSLContext getIdentitySslContext() {
     @Override public Path certificatePath() { return certificateFile; }
     @Override public Path privateKeyPath() { return privateKeyFile; }
 
-    public SSLContext createIdentitySslContextWithTrustStore(Path trustStoreFile) {
-        return createIdentitySslContext(keyManager, trustStoreFile);
+    public SSLContext createIdentitySslContextWithDefaultTrustStore() {
+        return new SslContextBuilder().withKeyManager(keyManager).build();
     }
 
     /**