-
Bug
-
Resolution: Fixed
-
P4
-
8
-
b15
-
generic
-
generic
-
Not verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8018748 | 7u45 | Weijun Wang | P4 | Closed | Fixed | b01 |
JDK-8006359 | 7u40 | Weijun Wang | P4 | Resolved | Fixed | b10 |
keytool uses CertAndKeyGen to generate a basic self-signed certificate with no extensions. When -ext option was introduced, -genkeypair was implemented as original -genkeypair plus -selfcert, and extensions info was added in the -selfcert step.
This means the keystore object is modified twice in this single operation. In the case of PKCS11 or MSCAPI, it is actually written to the token twice. If a token can only be written once, the action will fail.
This means the keystore object is modified twice in this single operation. In the case of PKCS11 or MSCAPI, it is actually written to the token twice. If a token can only be written once, the action will fail.
- backported by
-
JDK-8006359 keytool -genkeypair needn't call -selfcert
-
- Resolved
-
-
JDK-8018748 keytool -genkeypair needn't call -selfcert
-
- Closed
-
- relates to
-
JDK-8054019 Keytool Error publicKey's is not X.509, but X509
-
- Resolved
-