Bug ID: JDK-8177760 keytool can use -trustcacerts for commands other than -importcert

Oracle Technology Network
Java
Java SE
Community
Bug Database

JDK-8177760 : keytool can use -trustcacerts for commands other than -importcert

Type: Bug
Component: security-libs
Sub-Component: java.security

Priority: P3
Status: Closed
Resolution: Duplicate

Submitted: 2017-03-29
Updated: 2020-10-01
Resolved: 2020-10-01

Related Reports

Duplicate :	JDK-8244148 - keytool -printcert and -printcrl should support the -trustcacerts and -keystore options
Relates :	JDK-8177569 - keytool should not warn if signature algorithm used in cacerts is weak

Description

With JDK-8177569, we are changing how keytool checks for weak signature algorithms on root CAs. Besides -importcert, other commands like -printcert , -list, -exportcert might also touch root CA certs. The -trustcacerts thus can also have an effect on these commands.

Doc subtask will be needed.

Comments

Option -trustcacerts has been added to keytool -printcert and -printcrl commands by JDK-8244148. Closed this as a duplicate per Weijun's suggestion.

01-10-2020