[tls] On 8059818 Keytool does not recognize jssecacerts for -trustcacerts command line option

Wang Weijun weijun.wang at oracle.com
Wed Oct 8 01:35:09 UTC 2014


Hi, SSL/TLS experts

A bug was recently filed at

   https://bugs.openjdk.java.net/browse/JDK-8059818

The reporter requests for keytool -importcert to pre-trust certs in jre/lib/security/jssecacerts. The command only recognizes jre/lib/security/cacerts now.

It is always possible to import a private CA into a user's keystore (where the client side private key is stored) and then import a cert into there without any prompt. However, if you think testing an extra keystore (like jssecacerts) has its own benefit, I will add the support.

Thanks
Max



More information about the security-dev mailing list