[tls] On 8059818 Keytool does not recognize jssecacerts for -trustcacerts command line option

Xuelei Fan xuelei.fan at oracle.com
Wed Oct 8 02:43:57 UTC 2014


I think Keytool should be independent of JSSE.

Xuelei

On 10/8/2014 9:35 AM, Wang Weijun wrote:
> Hi, SSL/TLS experts
> 
> A bug was recently filed at
> 
>    https://bugs.openjdk.java.net/browse/JDK-8059818
> 
> The reporter requests for keytool -importcert to pre-trust certs in jre/lib/security/jssecacerts. The command only recognizes jre/lib/security/cacerts now.
> 
> It is always possible to import a private CA into a user's keystore (where the client side private key is stored) and then import a cert into there without any prompt. However, if you think testing an extra keystore (like jssecacerts) has its own benefit, I will add the support.
> 
> Thanks
> Max
> 



More information about the security-dev mailing list