-
Bug
-
Resolution: Fixed
-
P4
-
6
-
mustang
-
generic
-
generic
-
Verified
Tested_Java_Release : 1.5.0-beta2-b48/latestPIT-build
Tested_bundles_Location :
promoted builds: /net/koori.sfbay/p/jdk07/jdk/1.5.0/beta2/b48/bundles
pit bundles : /java/j2se-sqe/deployment3/tiger/PIT_builds/JD-PIT-26/
Tested_Machine_Name : moremoney/blueski
Tested O/S : winxp/solaris10
Problem Description :
If there is any entry of client authentication store at system level then
opertaion of exporting the certificate into user level client authectication
store doesn't work. As soon as the system level client authentication store is
removed ,everything starts working fine. For rest all of the stores export function works fine, irrespective of presence of certificate store at corresponding system level.
Steps to reproduce the bug:
First we will try to export certificate into the user level "trusted certficates"(trusted.certs) store to make sure that operation is independent of presence of certicate store at system level
1) Copy /net/sqesvr-nfs/global/nfs/deployment2/jitu/trusted.certs to
<jre>/home/lib/security
2)try to run the following signed applet. There should not be any security pop-up ,'coz trusted.certs is present at system level
http://sqeweb.sfbay.sun.com/deployment1/deployment_tiger_exec_ws/deployment/tests/RSATestsuite/pluginhtml-default/Vergrant.html
3) Open Java Control Panel > Security > Certificates
4) "Certificates" window wil be there, select option "System-Trusted Certificates"
5) Select the certificate and click "Export",save the certficate at desired location e.g. C:/test/test.p12
6) On Certficates window select option "User-Trusted Certificates"
7) Select "Import" and try to access the certificate exported above
8) You can notice the certficate entry under "User-Trusted Certificates" and trusted.certs getting created under <user_dep_home>/security
(<user_dep_home> is <user_home>/.java/deployment/security on unix and
C:/Documents and Settings/Application Data/<user>/Sun/Java/Deployment on
windows)
9) remove trusted.certs from the <jre_home>/lib/security
10)try to run the following signed applet again. There should not be any security pop-up ,'coz this time trusted.certs exists at user level
http://sqeweb.sfbay.sun.com/deployment1/deployment_tiger_exec_ws/deployment/tests/RSATestsuite/pluginhtml-default/Vergrant.html
This confirm the export is successful.
Repeat the above steps for client-authentication store
1) Copy /net/sqesvr-nfs/global/nfs/deployment2/jitu/trusted.clientcerts to
<jre>/home/lib/security
2) Open Java Control Panel > Security > Certificates
3) "Certificates" window will be there, select option "System-Client Authentication"
4) There should be two certificates enteries as "Dennis Gu" and "Poonam". Select any one of the two certificates and click "Export", and try to save the certficate at desired location e.g. C:/test/new.p12
5) Password dialogs pop-up will be there, supply password "changeit" for both the password dialogs
6) Now on Certificates window select option "User-Client Authentication"
7) Try to import the certifcate exported above(new.p12)
8) Password pop-up should be there, asking to supply the password to access the file. Supply the password "changeit"
9) There should be second pop-up to access the keystore but it's not there and nothing happens i.e. certificate is not getting exported
10) Quit control panel and remove the certificate store trusted.clientcerts from the <jre>/lib/security
11) Invoke JCP again and try to export the certificate under "User-Client Authentication"
12) This time you can notice that there are two password pop-ups coming to access the certifcate file and keystore. (password is "changeit")
13) Now you can notice the certificate entry under "User-Client Authentication" i.e. certificate is getting exported successfully
If you are unable to export certifcates into the user level client authentication store if store is present at system level then the bug is reproduced
Tested_bundles_Location :
promoted builds: /net/koori.sfbay/p/jdk07/jdk/1.5.0/beta2/b48/bundles
pit bundles : /java/j2se-sqe/deployment3/tiger/PIT_builds/JD-PIT-26/
Tested_Machine_Name : moremoney/blueski
Tested O/S : winxp/solaris10
Problem Description :
If there is any entry of client authentication store at system level then
opertaion of exporting the certificate into user level client authectication
store doesn't work. As soon as the system level client authentication store is
removed ,everything starts working fine. For rest all of the stores export function works fine, irrespective of presence of certificate store at corresponding system level.
Steps to reproduce the bug:
First we will try to export certificate into the user level "trusted certficates"(trusted.certs) store to make sure that operation is independent of presence of certicate store at system level
1) Copy /net/sqesvr-nfs/global/nfs/deployment2/jitu/trusted.certs to
<jre>/home/lib/security
2)try to run the following signed applet. There should not be any security pop-up ,'coz trusted.certs is present at system level
http://sqeweb.sfbay.sun.com/deployment1/deployment_tiger_exec_ws/deployment/tests/RSATestsuite/pluginhtml-default/Vergrant.html
3) Open Java Control Panel > Security > Certificates
4) "Certificates" window wil be there, select option "System-Trusted Certificates"
5) Select the certificate and click "Export",save the certficate at desired location e.g. C:/test/test.p12
6) On Certficates window select option "User-Trusted Certificates"
7) Select "Import" and try to access the certificate exported above
8) You can notice the certficate entry under "User-Trusted Certificates" and trusted.certs getting created under <user_dep_home>/security
(<user_dep_home> is <user_home>/.java/deployment/security on unix and
C:/Documents and Settings/Application Data/<user>/Sun/Java/Deployment on
windows)
9) remove trusted.certs from the <jre_home>/lib/security
10)try to run the following signed applet again. There should not be any security pop-up ,'coz this time trusted.certs exists at user level
http://sqeweb.sfbay.sun.com/deployment1/deployment_tiger_exec_ws/deployment/tests/RSATestsuite/pluginhtml-default/Vergrant.html
This confirm the export is successful.
Repeat the above steps for client-authentication store
1) Copy /net/sqesvr-nfs/global/nfs/deployment2/jitu/trusted.clientcerts to
<jre>/home/lib/security
2) Open Java Control Panel > Security > Certificates
3) "Certificates" window will be there, select option "System-Client Authentication"
4) There should be two certificates enteries as "Dennis Gu" and "Poonam". Select any one of the two certificates and click "Export", and try to save the certficate at desired location e.g. C:/test/new.p12
5) Password dialogs pop-up will be there, supply password "changeit" for both the password dialogs
6) Now on Certificates window select option "User-Client Authentication"
7) Try to import the certifcate exported above(new.p12)
8) Password pop-up should be there, asking to supply the password to access the file. Supply the password "changeit"
9) There should be second pop-up to access the keystore but it's not there and nothing happens i.e. certificate is not getting exported
10) Quit control panel and remove the certificate store trusted.clientcerts from the <jre>/lib/security
11) Invoke JCP again and try to export the certificate under "User-Client Authentication"
12) This time you can notice that there are two password pop-ups coming to access the certifcate file and keystore. (password is "changeit")
13) Now you can notice the certificate entry under "User-Client Authentication" i.e. certificate is getting exported successfully
If you are unable to export certifcates into the user level client authentication store if store is present at system level then the bug is reproduced