Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8177760

keytool can use -trustcacerts for commands other than -importcert

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:
      None

      Description

      With JDK-8177569, we are changing how keytool checks for weak signature algorithms on root CAs. Besides -importcert, other commands like -printcert , -list, -exportcert might also touch root CA certs. The -trustcacerts thus can also have an effect on these commands.

      Doc subtask will be needed.

        Attachments

          Issue Links

          duplicates

          Enhancement - null JDK-8244148 keytool -printcert and -printcrl should support the -trustcacerts and -keystore options

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-8177569 keytool should not warn if signature algorithm used in cacerts is weak

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

            Activity

              People

              Assignee:
              hchao Haimay Chao
              Reporter:
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: