Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6535697

keytool can be more flexible on format of PEM-encoded X.509 certificates

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: P5
    • Resolution: Fixed
    • Affects Version/s: 7
    • Fix Version/s: 7
    • Component/s: security-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b50
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

      Description

      Currently, keytool is very strict on the format of PEM-encoded X.509 certificates. The file must be started with "-----BEGIN CETIFICATE" and ended with "-----END CERTIFICATE", there can be no other words (including blank lines) before or after the "-----" line.

      Tools like openssl often output certificates with text before the "---- BEGIN" line. Users have to strip these characters before feeding it to keytool.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                weijun Weijun Wang
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: