Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Why does NewSunX509 algorithm prefixes aliases with numbers

843811May 27 2009 — edited May 29 2009
After the discussion here: http://forums.sun.com/thread.jspa?threadID=5388459 and this article: http://www.ibm.com/developerworks/java/library/j-customssl/ I was able to override axis 1 socket factory to send a specific certificate from a keystore with multiple valid certificates.

But, while I was still experiencing with the code, I used the NewSUNX509 algorithm when getting an instance of the KeyManagerFactory
KeyManagerFactory.getInstance("NewSunX509");
When I did that, I could not find the alias I wanted anymore. When stepping in the code I saw that the aliases returned by
keyManager.getClientAliases(keyType, issuers);
had some numbers prefixed to them, like "8.the_alias_as_want". Since I was using String.equals() to check for the alias, it failed the verification.

I could fix that by using String.indexof() or use regular expressions to ignore the prefixed numbers, but now I start worrying how portable this code is. If each algorithm does its own alias manipulation, there's no way I can make the code generic enough to be run with any algorithm. Is there a reason why NewSunX509 adds those numbers to the aliases? It looks weird to me.

Edited by: daniel.mfreitas on May 27, 2009 11:31 AM
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jun 26 2009
Added on May 27 2009
4 comments
818 views