Bug ID: JDK-8208176 Enhance keytool to deal with password-less pkcs12 keystores nicely

JDK-8208176 : Enhance keytool to deal with password-less pkcs12 keystores nicely

Type: Enhancement
Component: security-libs
Sub-Component: java.security
Affected Version: 12

Priority: P4
Status: Closed
Resolution: Duplicate

Submitted: 2018-07-25
Updated: 2018-10-12
Resolved: 2018-10-12

Related Reports

Blocks :	JDK-8162628 - The CACERTS keystore type
Duplicate :	JDK-8076190 - Customizing the generation of a PKCS12 keystore
Relates :	JDK-8076190 - Customizing the generation of a PKCS12 keystore
Relates :	JDK-8194749 - password handling with keytool -cacerts

Description

The enhancement could include:

1. When keystore is password-less, do not prompt or complain about missing -storepass.

2. When keystore is password-less and -storepass is provided, consider a warning on it being useless.

3. For password-less keystore, allow storepass and keypass be different. For example, allowing providing -keypass without -storepass, etc.

A keystore is password-less if:

1. It exists and is password-less

2. It does not exist but will be created password-less

Comments

The code change for this RFE will be included in JDK-8076190.

12-10-2018