Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8073955

Update java.security.debug help text to reflect recent enhancements for debugging


    • Type: Bug
    • Status: Closed
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: security-libs
    • Labels:



        The java.security.debug system property controls tracing and debugging output from security classes.

        Recent enhancements to support KeyStore, PKCS12 and OCSP debugging are all missing from the help
        text emitted by the property:

            % java -Djava.security.debug=help
            all turn on all debugging
            access print all checkPermission results
            certpath PKIX CertPathBuilder and
                          CertPathValidator debugging
            combiner SubjectDomainCombiner debugging
                          GSS LoginConfigImpl debugging
            configfile JAAS ConfigFile loading
            configparser JAAS ConfigFile parsing
            jar jar verification
            logincontext login context results
            jca JCA engine class debugging
            policy loading and granting
            provider security provider debugging
            pkcs11 PKCS11 session manager debugging
                          PKCS11 KeyStore debugging
            sunpkcs11 SunPKCS11 provider debugging
            scl permissions SecureClassLoader assigns
            ts timestamping
            The following can be used with access:
            stack include stack trace
            domain dump all domains in context
            failure before throwing exception, dump stack
                          and domain that didn't have permission
            The following can be used with stack and domain:
                          only dump output if specified permission
                          is being checked
                          only dump output if specified codebase
                          is being checked
            The following can be used with provider:
                          only dump output for the specified list
                          of JCA engines. Supported values:
                          Cipher, KeyAgreement, KeyGenerator,
                          KeyPairGenerator, KeyStore, Mac,
                          MessageDigest, SecureRandom, Signature.
            Note: Separate multiple options with a comma


            Issue Links



                • Assignee:
                  vinnie Vincent Ryan
                  vinnie Vincent Ryan
                • Votes:
                  0 Vote for this issue
                  3 Start watching this issue


                  • Created: