Details
-
Type:
Bug
-
Status: Closed
-
Priority:
P4
-
Resolution: Duplicate
-
Affects Version/s: 8, 9
-
Fix Version/s: None
-
Component/s: security-libs
-
Subcomponent:
-
CPU:generic
-
OS:generic
Description
FULL PRODUCT VERSION :
All versions
ADDITIONAL OS VERSION INFORMATION :
All versions
A DESCRIPTION OF THE PROBLEM :
With the recent report that SHA1 is no longer safe, the keytool gencert command is not generating a SHA2 fingerprint in the cert even with SHA2 signing alg.
The community as a whole requires this to be fix I order for our generated certs to be safe.
The issues that apply to SHA1 does apply to the fingerprint as well.
I need an ETA when this will be fixed b
REGRESSION. Last worked in version 6u43
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Simply when using keytool and creating a cert with gencert, we need a way to support a SHA2!fingerprint
REPRODUCIBILITY :
This bug can be reproduced always.
All versions
ADDITIONAL OS VERSION INFORMATION :
All versions
A DESCRIPTION OF THE PROBLEM :
With the recent report that SHA1 is no longer safe, the keytool gencert command is not generating a SHA2 fingerprint in the cert even with SHA2 signing alg.
The community as a whole requires this to be fix I order for our generated certs to be safe.
The issues that apply to SHA1 does apply to the fingerprint as well.
I need an ETA when this will be fixed b
REGRESSION. Last worked in version 6u43
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Simply when using keytool and creating a cert with gencert, we need a way to support a SHA2!fingerprint
REPRODUCIBILITY :
This bug can be reproduced always.
Attachments
Issue Links
- duplicates
-
JDK-8141457 keytool default cert fingerprint algorithm should be SHA-256
-
- Resolved
-