-
Bug
-
Resolution: Duplicate
-
P3
-
None
-
7
FULL PRODUCT VERSION :
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
DNSName.java currently does not support dns components starting with numbers. This has been allowed for quite some time as defined by RFC 1123 section 2.1. Furthermore openjdk has updated their implementation to support RFC 1123 and 2181.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Pass a string such as 3test.com to the DNSName constructor
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No IOException due to a leading number in a dns name.
ACTUAL -
A domain name starting with a number is allowed per RFC 1123 but JDK 5/6/7 all return an IOException: DNSName components must begin with a letter
ERROR MESSAGES/STACK TRACES THAT OCCUR :
keytool error: java.lang.RuntimeException: java.io.IOException: DNSName components must begin with a letter
java.lang.RuntimeException: java.io.IOException: DNSName components must begin with a letter
at sun.security.tools.KeyTool.createV3Extensions(Unknown Source)
at sun.security.tools.KeyTool.doSelfCert(Unknown Source)
at sun.security.tools.KeyTool.doGenKeyPair(Unknown Source)
at sun.security.tools.KeyTool.doCommands(Unknown Source)
at sun.security.tools.KeyTool.run(Unknown Source)
at sun.security.tools.KeyTool.main(Unknown Source)
Caused by: java.io.IOException: DNSName components must begin with a letter
at sun.security.x509.DNSName.<init>(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
DNSName.java currently does not support dns components starting with numbers. This has been allowed for quite some time as defined by RFC 1123 section 2.1. Furthermore openjdk has updated their implementation to support RFC 1123 and 2181.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Pass a string such as 3test.com to the DNSName constructor
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No IOException due to a leading number in a dns name.
ACTUAL -
A domain name starting with a number is allowed per RFC 1123 but JDK 5/6/7 all return an IOException: DNSName components must begin with a letter
ERROR MESSAGES/STACK TRACES THAT OCCUR :
keytool error: java.lang.RuntimeException: java.io.IOException: DNSName components must begin with a letter
java.lang.RuntimeException: java.io.IOException: DNSName components must begin with a letter
at sun.security.tools.KeyTool.createV3Extensions(Unknown Source)
at sun.security.tools.KeyTool.doSelfCert(Unknown Source)
at sun.security.tools.KeyTool.doGenKeyPair(Unknown Source)
at sun.security.tools.KeyTool.doCommands(Unknown Source)
at sun.security.tools.KeyTool.run(Unknown Source)
at sun.security.tools.KeyTool.main(Unknown Source)
Caused by: java.io.IOException: DNSName components must begin with a letter
at sun.security.x509.DNSName.<init>(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
- duplicates
-
JDK-8054380 DNSName should be verified when parsing an X509Certificate
-
- Open
-