[tls] On 8059818 Keytool does not recognize jssecacerts for -trustcacerts command line option

Xuelei Fan xuelei.fan at oracle.com
Wed Oct 8 03:10:52 UTC 2014

On 10/8/2014 10:53 AM, Wang Weijun wrote:
> On Oct 8, 2014, at 10:43, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>> I think Keytool should be independent of JSSE.
> Yes.
> However, I can think of adding a new system property called "jdk.keytool.cacerts" so that people can point it to a file not jre/lib/security/cacerts. This would be useful for the bug reporter and we can now finally testing the -trustcacerts option.
If I'm correct, the cacerts can be specified in command line.
Considering we have had the command line option, the benefit of adding a
new system property may be limited.


More information about the security-dev mailing list