[tls] On 8059818 Keytool does not recognize jssecacerts for -trustcacerts command line option

Wang Weijun weijun.wang at oracle.com
Wed Oct 8 07:33:52 UTC 2014

On Oct 8, 2014, at 12:25, Xuelei Fan <xuelei.fan at oracle.com> wrote:

> On 10/8/2014 12:21 PM, Wang Weijun wrote:
>> There are two keystores here. -keystore points to user's keystore that keytool will save into. cacerts is a read-only keystore that is used to find trusted certs.
> Got it.
> Is it possible to add an optional argument for the "-trustcacerts"
> option?  If no argument, use the cacerts; otherwise, use the specified
> value.

Every keytool option either has an argument or not, so it you'd like it specified on the command line, a new option should be invented.

Do you happen to know there are other cases where a user want to customize the location of cacerts?


> Xuelei

More information about the security-dev mailing list