New switch suggestion for keytool

Matthew Hall mhall at mhcomputing.net
Tue Dec 16 23:32:45 UTC 2014


On Tue, Dec 16, 2014 at 08:50:24AM +0800, Wang Weijun wrote:
> For a program? It's super easy for a program to create an empty keystore.

Why have to do it separately, when it could be added to keytool for all?

> > Many StackOverflows exist of people doing it manually to "work around" this 
> > limitation.
> 
> In fact, I searched for "create empty keystore" on stackoverflow and didn't 
> notice such a requirement.

The ones I ran across were for PKCS#11 using the NSS C-code tools because I 
had to be FIPS compliant. But it'd be nice if Java's tools supported it too.

Matthew.



More information about the security-dev mailing list