"PKCS11" no longer supported for KeyStore
Weijun Wang
Weijun.Wang at Sun.COM
Sun Jul 18 05:57:56 PDT 2010
What platform and openjdk release (or build) are you using? What kind of security providers are specified? When you say "regression", is it a regression of an earlier build of openjdk?
If I understand correctly, a PKCS #11 security provider is needed to use PKCS11-based keystores. Currently, only JDK on Solaris includes out-of-box PKCS11 provider. For all other platforms, you need to supply your own.
Thanks
Max
On Jul 18, 2010, at 2:30 PM, Jon Strauss wrote:
> Some time ago I came across a regression beginning after the sun-jdk 1.6.13 release. This regression continues into openjdk. The issue at hand is a single line found in the current SunPKCS#11 documentation:
>
> KeyStore ks = KeyStore.getInstance("PKCS11");
> KeyStore ks = KeyStore.getInstance("PKCS11");
>
> We have experienced a failure on this line under the current release of ubuntu and windows 7 running openjdk. SunJDK 1.6.13 performs as expected.
>
> -Sushi
>
>
>
More information about the security-dev
mailing list