RFR 8192988: keytool should support -storepasswd for pkcs12 keystores
Weijun Wang
weijun.wang at oracle.com
Wed Dec 13 15:41:56 UTC 2017
> On Dec 13, 2017, at 11:36 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> It looks like you converted p12importks.sh from shell code to java in JKStoPKCS12.java, right?
Yes, and modified a little.
> I think you should still include 8010125 in the @bug label in JKStoPKCS12.java though.
OK.
>
> Otherwise, looks good, one question though:
>
> If you are converting a JKS keystore to a PKCS12 keystore using keytool -importkeystore and the deststorepass and destkeypass are different, is it an error, or does it ignore the destkeypass and use deststorepass?
Ignored.
"Warning: Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified -destkeypass value."
This is not a new behavior.
Thanks
Max
>
> --Sean
>
> On 12/7/17 10:21 PM, Weijun Wang wrote:
>> Hi All
>> Please take a look at
>> http://cr.openjdk.java.net/~weijun/8192988/webrev.00/
>> With this fix, "keytool -storepasswd" and "keytool -importkeystore" on a PKCS12 keystore will change the keypass as well with the storepass.
>> Thanks
>> Max
More information about the security-dev
mailing list