keytool -selfcert fails for MSCAPI
Weijun Wang
weijun.wang at oracle.com
Mon Nov 7 10:54:46 UTC 2011
Hi Vinnie
I find a problem with the keytool -selfcert command for MSCAPI. As you
know, -selfcert reads the key/cert pair from an entry, updates several
fields in the cert, and writes them back to the keystore.
However, in MSCAPI's KeyStore, there is
public void engineSetKeyEntry(String alias, java.security.Key key,
char[] password, Certificate[] chain) throws KeyStoreException
{
....
if (key instanceof RSAPrivateCrtKey) {
....
} else {
throw new UnsupportedOperationException(
"Cannot assign the key to the given alias.");
}
So here the key must be a RSAPrivateCrtKey. It will be nice if a
sun.security.mscapi.RSAPrivateKey can also be accepted.
Thanks
Max
More information about the security-dev
mailing list