JDK-8185844 : MSCAPI doesn't list aliases correctly
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 9,10
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2017-08-04
  • Updated: 2021-11-01
  • Resolved: 2021-10-26
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 18
18 b21Fixed
Related Reports
Relates :  
Relates :  
Relates :  
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.util.Enumeration;

import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;

public class WinKeyStoreTest {

    public static void main(String[] args) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("Windows-MY");
        keyStore.load(null, null);
        System.out.println("keystore loaded");

        String alias = "test";
        int number = 2;

        System.out.println("add alias...");
        CertAndKeyGen ckg = new CertAndKeyGen("RSA", "SHA1withRSA");
        ckg.setRandom(new SecureRandom());
        for (int i = 0; i < number; i++) {
                    ckg.getSelfCertificate(new X500Name("CN=TEST"), 1000));
        System.out.println("alias added");

        keyStore.load(null, null);
        System.out.println("keystore reloaded");

    private static void listAlias(KeyStore keyStore) throws KeyStoreException {
        System.out.println("===== alias list =====");
        for (Enumeration<String> e = keyStore.aliases(); e.hasMoreElements();) {
            String alias = e.nextElement();

Test output:
keystore loaded
===== alias list =====
add alias...
alias added
===== alias list =====
keystore reloaded
===== alias list =====
test (1)

The test adds two entries with the same alias to Windows-MY keystore, before reload the keystore, it lists only one alias.
Changeset: 43619458 Author: Weijun Wang <weijun@openjdk.org> Date: 2021-10-26 02:39:05 +0000 URL: https://git.openjdk.java.net/jdk/commit/43619458d183bbbaec745887314ddcf7a8aa4136

This issue may also affect the below case: 1. Windows-MY keystore already has two entries with the same alias "X", 2. Try to delete the two "X" entries via the following code snippet, keyStore.deleteEntry("X"); keyStore.deleteEntry("X"); But finally only one "X" entry is really deleted.