Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-2242

Keystore change from JKS to PKCS12

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.0.0.AM25
    • None
    • None

    Description

      Until Java 8 the default key store was JKS, since Java 9 the default is PKCS12.

      In the server code when we use key stores there is a mix of

      • KeyStore.getInstance( KeyStore.getDefaultType() );
      • KeyStore.getInstance( "JKS" );

      This needs to be cleaned up.

      There is also the question if an automatic migration from existing JKS stores in existing installations .to PKCS12 is possible

      Workaround is to change default keystore to JKS (property keystore.type in $JAVA_HOME/conf/security/java.security)

       Reference: http://openjdk.java.net/jeps/229

      Attachments

        Issue Links

          is cloned by

          Improvement - An improvement or enhancement to an existing feature or task. DIRSTUDIO-1190 Keystore change from JKS to PKCS12

          • Major - Major loss of function.
          • Closed

          Activity

            People

              seelmann Stefan Seelmann
              seelmann Stefan Seelmann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: