Import CA reply should match the public key in the keystore with that in the
certificate from CA.
-------------------------------------------------------------------------------------------------
Key: GERONIMO-2443
URL: http://issues.apache.org/jira/browse/GERONIMO-2443
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: security
Affects Versions: 1.1.1, 1.2
Environment: G1.1.1
Reporter: Vamsavardhana Reddy
Fix For: 1.1.2, 1.2
While importing CA reply into the keystore, the public key in the certificate
issued by the CA should be matched with the public key that is currently in the
keystore. java.securtiy.KeyStore.setKeyEntry does not complain if the
privateKey and the publicKey in the certificate are not related An accidental
import of a certificate corresponding to one public key along with an unrelated
private key renders the key pair useless and results in errors while using the
certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
