A DESCRIPTION OF THE REQUEST :
I'm using a certificate that uses a Brainpool elliptic curve parameter. This is not supported in Java 8. I was searching for whether it is possible to provide a different crypto provider, e.g. BouncyCastle. This was working to migrate PKCS#12 keystores into a JKS keystore. But for importing a simple certificate into a truststore such an option is not available. This prevents using such a certificate in a truststore, which results in not being able to start a TLS-based server needing this truststore for the CI certificate.
JUSTIFICATION :
The Brainpool elliptic curve is a standard used today. It should be supported, but also in the case of a new or different algorithmic parameter it should be possible to supply a source crypto provider which is able to handle it correctly.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The certificate should be imported.
ACTUAL -
The following exception is thrown:
Keytool-Fehler: java.security.cert.CertificateParsingException: java.io.IOException: Unknown named curve: 1.3.36.3.3.2.8.1.1.7
---------- BEGIN SOURCE ----------
See the needed data in the patched project:
https://github.com/koh-osug/java-keytool
keytool.exe -importcert -alias ci -file CERT_CI_ECDSA_BRP.der -keystore truststore.jks -providerPath bcprov-jdk15on-1.59.jar -v -providerClass org.bouncycastle.jce.provider.BouncyCastleProvider
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
None, but I have released a patched version:
https://github.com/koh-osug/java-keytool
The only needed change starts at line 916:
https://github.com/koh-osug/java-keytool/blob/master/src/main/java/sun/security/tools/keytool/Main2.java#L916
    // Use the source provider, when one was named, to parse the certificate
    if (srcProviderName != null) {
        cf = CertificateFactory.getInstance("X509", srcProviderName);
    }
    else {
        cf = CertificateFactory.getInstance("X509");
    }
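
The same provider selection applied outside keytool, as an added example (not code from the report or from the patched project): it parses the certificate with a named provider and writes it into a new JKS truststore. The class and method names, the "changeit" password and the presence of bcprov-jdk15on-1.59.jar on the classpath are assumptions; the file name and alias are taken from the command above.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class ImportWithProvider {

    // Same selection as the keytool change: use the named provider when one is given,
    // otherwise fall back to the JVM's default X.509 factory.
    static CertificateFactory factoryFor(String providerName) throws Exception {
        return providerName != null
                ? CertificateFactory.getInstance("X.509", providerName)
                : CertificateFactory.getInstance("X.509");
    }

    // Parse a DER or PEM certificate file with the chosen provider.
    static X509Certificate readCertificate(String file, String providerName) throws Exception {
        try (InputStream in = Files.newInputStream(Paths.get(file))) {
            return (X509Certificate) factoryFor(providerName).generateCertificate(in);
        }
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the BouncyCastle provider jar is on the classpath.
        Security.addProvider(new BouncyCastleProvider());

        X509Certificate cert = readCertificate("CERT_CI_ECDSA_BRP.der", "BC");
        // Confirm what was parsed before trusting it.
        System.out.println("Parsed: " + cert.getSubjectX500Principal()
                + " (" + cert.getPublicKey().getAlgorithm() + ")");

        char[] password = "changeit".toCharArray(); // placeholder password (assumption)
        KeyStore trust = KeyStore.getInstance("JKS");
        trust.load(null, null); // start from an empty keystore
        trust.setCertificateEntry("ci", cert);
        try (OutputStream out = Files.newOutputStream(Paths.get("truststore.jks"))) {
            trust.store(out, password);
        }
    }
}
```

A JKS file stores only the encoded certificate, so the JVM that later loads the truststore must itself have a provider able to parse the curve.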