Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8284194

Allow empty subject fields in keytool

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Fixed
    • Icon: P4 P4
    • 19
    • None
    • security-libs
    • None

      `keytool -genkeypair` will prompt for the subject name if `-dname` option is not specified. There are several fields (CN, OU, etc) and each has a default value. User either enters a new value or types enter to accept the default value. This means there is no way to bypass a field.

      In openssl, "a field can still be omitted if a default value is present if the user just enters the '.' character." We can do the same.

      Note that you cannot bypass all fields because the name is also used as the issuer name and it cannot be empty.

            weijun Weijun Wang
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: