Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

PKCS12 Certificate created with Keytool in Java 11 doesn't work as trustStore

4009746Jul 31 2019

Created Certificate and private key using keytool command line utility ( Using Java 11 ). And then imported certificate's in PKCS#12 type trustStore.

When we try to load created PKCS#12 certificate in keystore inside program ( which run's on java 11.0.3 ), it is giving following Error:

java.io.IOException: keystore password was incorrect

    at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2108)

    at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:222)

    at java.base/java.security.KeyStore.load(KeyStore.java:1479)

But when we ran same program on Java 12.0.1, and try to load same PKCS#12 certificate, it is not giving any error's and it works fine as expected.

My Code Snippet:

KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());

trustStore.load(trustStoreInputStream, "trustStorePassword".toCharArray());

Similar Reported Bug's:

Does PKCS#12 certificate's created with Java 11 does not supported in keystore ?

Or

This bug is fixed in Java 12 but still not back ported in Java 11 (11.0.4) till now ?

Comments
Post Details
Added on Jul 31 2019
0 comments
1,712 views