Details

    • Type: Sub-task
    • Status: Closed
    • Priority: P4
    • Resolution: Delivered
    • Affects Version/s: 7u121, 8u92, 8u101
    • Fix Version/s: None
    • Component/s: security-libs

      Backports

        Description

        Java SE KeyStore does not allow certificates that have the same aliases.
        http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html

        However, on Windows, multiple certificates stored in one keystore are allowed to have non-unique friendly names.

        The fix for JDK-6483657 makes it possible to operate on such non-uniquely named certificates through the Java API by artificially making the visible aliases unique.

        Please note, this fix does not enable creating same-named certificates with the Java API. It only allows you to deal with same-named certificates that were added to the keystore by 3rd party tools.

        It is still recommended that your design not use multiple certificates with the same name. In particular, the following sentence will not be removed from the Java documentation:
         "In order to avoid problems, it is recommended not to use aliases in a KeyStore that only differ in case."
        http://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  igerasim Ivan Gerasimov
                  Reporter:
                  igerasim Ivan Gerasimov
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: