-
Bug
-
Resolution: Fixed
-
P4
-
18
-
b25
-
generic
-
generic
ADDITIONAL SYSTEM INFORMATION :
$ java -version
openjdk version "11.0.14.1" 2022-02-08
OpenJDK Runtime Environment 18.9 (build 11.0.14.1+1)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.14.1+1, mixed mode, sharing)
$ ./bin/keytool --version
keytool 18
A DESCRIPTION OF THE PROBLEM :
https://docs.oracle.com/en/java/javase/18/docs/specs/man/keytool.html#supported-named-extensions
is: BasicContraints
should be: BasicConstraints
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use value from documentation with
$ $ ./bin/keytool \
-genkeypair \
-storepass changeit \
-alias typo \
-validity 180 \
-keyalg RSA \
-keysize 2048 \
-keystore /tmp/typo.jks \
-dname "CN=typo, OU=jdk, C=US" \
-ext BasicContraints=ca:false \
-ext KeyUsage=digitalSignature,keyEncipherment \
-ext ExtendedKeyUsage=serverAuth \
-v
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 180 days
for: CN=typo, OU=jdk, C=US
[Storing /tmp/typo.jks]
ACTUAL -
keytool error: java.lang.RuntimeException: java.io.IOException: ObjectIdentifier() -- Invalid format: java.lang.NumberFormatException: For input string: "BasicC"
java.lang.RuntimeException: java.io.IOException: ObjectIdentifier() -- Invalid format: java.lang.NumberFormatException: For input string: "BasicC"
CUSTOMER SUBMITTED WORKAROUND :
Ignore value provided in documentation and use correct one.
FREQUENCY : always
$ java -version
openjdk version "11.0.14.1" 2022-02-08
OpenJDK Runtime Environment 18.9 (build 11.0.14.1+1)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.14.1+1, mixed mode, sharing)
$ ./bin/keytool --version
keytool 18
A DESCRIPTION OF THE PROBLEM :
https://docs.oracle.com/en/java/javase/18/docs/specs/man/keytool.html#supported-named-extensions
is: BasicContraints
should be: BasicConstraints
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use value from documentation with
$ $ ./bin/keytool \
-genkeypair \
-storepass changeit \
-alias typo \
-validity 180 \
-keyalg RSA \
-keysize 2048 \
-keystore /tmp/typo.jks \
-dname "CN=typo, OU=jdk, C=US" \
-ext BasicContraints=ca:false \
-ext KeyUsage=digitalSignature,keyEncipherment \
-ext ExtendedKeyUsage=serverAuth \
-v
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 180 days
for: CN=typo, OU=jdk, C=US
[Storing /tmp/typo.jks]
ACTUAL -
keytool error: java.lang.RuntimeException: java.io.IOException: ObjectIdentifier() -- Invalid format: java.lang.NumberFormatException: For input string: "BasicC"
java.lang.RuntimeException: java.io.IOException: ObjectIdentifier() -- Invalid format: java.lang.NumberFormatException: For input string: "BasicC"
CUSTOMER SUBMITTED WORKAROUND :
Ignore value provided in documentation and use correct one.
FREQUENCY : always