Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8284194

Allow empty subject fields in keytool

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Fixed
    • P4
    • 19
    • None
    • security-libs
    • None

    Description

      `keytool -genkeypair` will prompt for the subject name if `-dname` option is not specified. There are several fields (CN, OU, etc) and each has a default value. User either enters a new value or types enter to accept the default value. This means there is no way to bypass a field.

      In openssl, "a field can still be omitted if a default value is present if the user just enters the '.' character." We can do the same.

      Note that you cannot bypass all fields because the name is also used as the issuer name and it cannot be empty.

      Attachments

        Issue Links

          csr for

          CSR - null JDK-8286614 Allow empty subject fields in keytool

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          links to

          Commit Commit openjdk/jdk/f4f1dddf

          Review Review openjdk/jdk/8667

          Activity

            People

              weijun Weijun Wang
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: