keytool is not in jdk-base-image
Weijun Wang
weijun.wang at oracle.com
Wed Aug 31 17:46:30 PDT 2011
On 09/01/2011 05:53 AM, Mandy Chung wrote:
> On 8/31/11 2:34 PM, Sean Mullan wrote:
>> It will be difficult to sign modules without keytool. (It's possible,
>> but you
>> would have to have a keystore already setup with your keys and
>> certificates and
>> know the alias name, etc).
>
> But keytool depends on jsse and jndi. Can these dependencies be
> eliminated or as optional?
The jndi dependence can be optional, but keytool needs the jsse module
to generate certs. See below:
>
> sun.security.tools.JarSigner -> sun.security.util.PathList (sun.jsse)
JarSigner?
> sun.security.tools.KeyTool -> javax.net.ssl.HttpsURLConnection (sun.jsse)
> sun.security.tools.KeyTool -> javax.net.ssl.SSLContext (sun.jsse)
> sun.security.tools.KeyTool -> javax.net.ssl.TrustManager (sun.jsse)
> sun.security.tools.KeyTool$2 -> javax.net.ssl.X509TrustManager (sun.jsse)
> sun.security.tools.KeyTool$3 -> javax.net.ssl.HostnameVerifier (sun.jsse)
> sun.security.tools.KeyTool$3 -> javax.net.ssl.SSLSession (sun.jsse)
for keytool -printcert -sslserver <ssl_server>
> sun.security.tools.KeyTool -> sun.security.pkcs.PKCS10 (sun.jsse)
> sun.security.tools.KeyTool -> sun.security.pkcs.PKCS10Attribute (sun.jsse)
> sun.security.tools.KeyTool -> sun.security.pkcs.PKCS10Attributes (sun.jsse)
for keytool -certreq
> sun.security.tools.KeyTool ->
> sun.security.provider.certpath.ldap.LDAPCertStoreHelper (sun.jndi)
for keytool -printcrl -file ldap://....
> sun.security.tools.KeyTool -> sun.security.util.PathList (sun.jsse)
PathList is a utility class to create "a:b:c" on Unix and "a;b;c" on
Windows. Is there a similar tool inside base?
> sun.security.tools.KeyTool -> sun.security.x509.CertAndKeyGen (sun.jsse)
for keytool -genkeypair and keytool -gencert
-Max
>
>
> Mandy
More information about the jigsaw-dev
mailing list