geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-2443) Import CA reply should match the public key in the keystore with that in the certificate from CA.
Date Thu, 28 Sep 2006 16:29:50 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-2443?page=all ]

Vamsavardhana Reddy updated GERONIMO-2443:
------------------------------------------

    Attachment: GERONIMO-2443-v1.2.patch

GERONIMO-2443-v1.2.patch:  Before importing, checks if the public key in the certificate to
be imported is same as the one in the keystore.

> Import CA reply should match the public key in the keystore with that in the certificate
from CA.
> -------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-2443
>                 URL: http://issues.apache.org/jira/browse/GERONIMO-2443
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 1.2, 1.1.1
>         Environment: G1.1.1
>            Reporter: Vamsavardhana Reddy
>             Fix For: 1.2, 1.1.2
>
>         Attachments: GERONIMO-2443-v1.2.patch
>
>
> While importing CA reply into the keystore, the public key in the certificate issued
by the CA should be matched with the public key that is currently in the keystore.  java.securtiy.KeyStore.setKeyEntry
does not complain if the privateKey and the publicKey in the certificate are not related 
An accidental import of a certificate corresponding to one public key along with an unrelated
private key renders the key pair useless and results in errors while using the certificate.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message