Details
-
Bug
-
Resolution: Fixed
-
P4
-
None
-
b53
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8084573 | emb-9 | Weijun Wang | P4 | Resolved | Fixed | team |
JDK-8290276 | 8u351 | Prasadarao Koppula | P4 | Resolved | Fixed | b03 |
Description
keytool -ext allows extension types to be provided either with a name or with an object identifier. If the same type is provided twice with name and OID respectively, it generates a certificate with duplicate extension types. Such a certificate will not be accepted by Java.
Error message seen: keytool error: java.security.cert.CertificateParsingException: java.io.IOException: Duplicate extensions not allowed
Error message seen: keytool error: java.security.cert.CertificateParsingException: java.io.IOException: Duplicate extensions not allowed
Attachments
Issue Links
- backported by
-
JDK-8084573 keytool may generate duplicate extensions
- Resolved
-
JDK-8290276 keytool may generate duplicate extensions
- Resolved
- relates to
-
JDK-8074018 Named extension not recognized in keytool -ext honored after 8073182
- Resolved
-
JDK-8073851 keytool.html change for JDK-8073182
- Closed
-
JDK-7145757 CertificateExtensions uses non-consistent key names
- Open