JDK-4638294 : X509Certificate Javadoc should explain getIssuerDN() vs getIssuerX500Principal()
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 1.4.0
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: linux
  • CPU: x86
  • Submitted: 2002-02-14
  • Updated: 2007-05-22
  • Resolved: 2007-05-22
Related Reports
Duplicate :  
Description

Name: gm110360			Date: 02/14/2002


FULL PRODUCT VERSION :
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta3-
b84)
Java HotSpot(TM) Client VM (build 1.4.0-beta3-b84, mixed mode)


A DESCRIPTION OF THE PROBLEM :
The javadoc should explain that the recommended way
for retrieving a principal string from a certificate is
get.SubjectX500Principal().getName() or
getIssuerX500Principal() .getName() instead of
getSubjectDN().getName() or
getIssuerDN().getName(). That latter return Strings with
an implemenation defined format, which causes
problems comparing. Also, using these strings with
X509CerSelector object causes problems.

Reference: internal bug ID 4619691

This bug can be reproduced always.
(Review ID: 139616) 
======================================================================

Comments
EVALUATION Will fix in tiger ###@###.### 2003-03-04
2003-03-04