About duplicate aliases in MSCAPI keystore
Weijun Wang
weijun.wang at oracle.com
Wed Mar 14 00:13:59 UTC 2018
I am looking at this bug
https://bugs.openjdk.java.net/browse/JDK-8185844
MSCAPI doesn't list aliases correctly
For the Windows-MY keystore, if you call setEntry() on the same alias (say, "alias") twice, the keystore shows only one entry with the alias. But after closing and re-loading, two are shown, "alias", and "alias (1)".
I know the Windows tool certutil.exe can be used to add 2 entries with the same name, and both will be stored. In this case, if we use Java to load the keystore, we will have to list both, with different aliases.
But do we really need to support it on the Java side? Can we just overwrite the previous entry when setEntry() is called on an existing alias?
Was this designed as a feature?
Thanks
Max
More information about the security-dev
mailing list