[ http://issues.apache.org/jira/browse/GERONIMO-2443?page=all ]
Vamsavardhana Reddy updated GERONIMO-2443:
------------------------------------------
Attachment: GERONIMO-2443-v1.2.patch
GERONIMO-2443-v1.2.patch: Before importing, checks if the public key in the
certificate to be imported is same as the one in the keystore.
> Import CA reply should match the public key in the keystore with that in the
> certificate from CA.
> -------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-2443
> URL: http://issues.apache.org/jira/browse/GERONIMO-2443
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.2, 1.1.1
> Environment: G1.1.1
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.1.2
>
> Attachments: GERONIMO-2443-v1.2.patch
>
>
> While importing CA reply into the keystore, the public key in the certificate
> issued by the CA should be matched with the public key that is currently in
> the keystore. java.securtiy.KeyStore.setKeyEntry does not complain if the
> privateKey and the publicKey in the certificate are not related An
> accidental import of a certificate corresponding to one public key along with
> an unrelated private key renders the key pair useless and results in errors
> while using the certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
