-
Bug
-
Resolution: Fixed
-
P4
-
9
-
b53
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8084582 | emb-9 | Vincent Ryan | P4 | Resolved | Fixed | team |
The java.security.debug system property controls tracing and debugging output from security classes.
Recent enhancements to support KeyStore, PKCS12 and OCSP debugging are all missing from the help
text emitted by the property:
% java -Djava.security.debug=help
all turn on all debugging
access print all checkPermission results
certpath PKIX CertPathBuilder and
CertPathValidator debugging
combiner SubjectDomainCombiner debugging
gssloginconfig
GSS LoginConfigImpl debugging
configfile JAAS ConfigFile loading
configparser JAAS ConfigFile parsing
jar jar verification
logincontext login context results
jca JCA engine class debugging
policy loading and granting
provider security provider debugging
pkcs11 PKCS11 session manager debugging
pkcs11keystore
PKCS11 KeyStore debugging
sunpkcs11 SunPKCS11 provider debugging
scl permissions SecureClassLoader assigns
ts timestamping
The following can be used with access:
stack include stack trace
domain dump all domains in context
failure before throwing exception, dump stack
and domain that didn't have permission
The following can be used with stack and domain:
permission=<classname>
only dump output if specified permission
is being checked
codebase=<URL>
only dump output if specified codebase
is being checked
The following can be used with provider:
engine=<engines>
only dump output for the specified list
of JCA engines. Supported values:
Cipher, KeyAgreement, KeyGenerator,
KeyPairGenerator, KeyStore, Mac,
MessageDigest, SecureRandom, Signature.
Note: Separate multiple options with a comma
Recent enhancements to support KeyStore, PKCS12 and OCSP debugging are all missing from the help
text emitted by the property:
% java -Djava.security.debug=help
all turn on all debugging
access print all checkPermission results
certpath PKIX CertPathBuilder and
CertPathValidator debugging
combiner SubjectDomainCombiner debugging
gssloginconfig
GSS LoginConfigImpl debugging
configfile JAAS ConfigFile loading
configparser JAAS ConfigFile parsing
jar jar verification
logincontext login context results
jca JCA engine class debugging
policy loading and granting
provider security provider debugging
pkcs11 PKCS11 session manager debugging
pkcs11keystore
PKCS11 KeyStore debugging
sunpkcs11 SunPKCS11 provider debugging
scl permissions SecureClassLoader assigns
ts timestamping
The following can be used with access:
stack include stack trace
domain dump all domains in context
failure before throwing exception, dump stack
and domain that didn't have permission
The following can be used with stack and domain:
permission=<classname>
only dump output if specified permission
is being checked
codebase=<URL>
only dump output if specified codebase
is being checked
The following can be used with provider:
engine=<engines>
only dump output for the specified list
of JCA engines. Supported values:
Cipher, KeyAgreement, KeyGenerator,
KeyPairGenerator, KeyStore, Mac,
MessageDigest, SecureRandom, Signature.
Note: Separate multiple options with a comma
- backported by
-
JDK-8084582 Update java.security.debug help text to reflect recent enhancements for debugging
-
- Resolved
-
- relates to
-
JDK-8044445 JEP 229: Create PKCS12 Keystores by Default
-
- Closed
-