https://issues.apache.org/bugzilla/show_bug.cgi?id=56178
Bug ID: 56178
Summary: keytool error: Invalid escaped character in AVA: -
some characters must be escaped
Product: JMeter
Version: 2.11
Hardware: PC
OS: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: HTTP
Assignee: [email protected]
Reporter: [email protected]
Certain characters have special meaning to the keytool application when used in
the command-line -dname parameter. For example:
keytool -genkeypair -dname "OU=Foobar, INC" -keyalg RSA -keystore
proxyserver.jks -storepass password
keytool error: java.io.IOException: Incorrect AVA format
and
keytool -genkeypair -dname "CN=DOMAIN\USER" -keyalg RSA -keystore
proxyserver.jks -storepass password
keytool error: java.io.IOException: Invalid escaped character in AVA: 'U'
The keytool doc [1] only mentions comma as requiring escape.
However there are some others that are apparently not allowed, such as +
(plus). It also looks like ; (semi-colon) is not allowed without escaping
Unfortunately keytool complains if escaping is used when it is not necessary,
so it's important to only escape where necessary.
The problem arises in JMeter because it uses the value of the system property
"user.name" when creating the certificate. This defaults to the user login
name, which may be of the form DOMAIN\USER.
The simplest solution would be to drop the user name from the certificate,
however the intention is to identify to whom the certificate belongs.
The name needs to be sanitised somehow.
Not yet clear how to do this without perhaps losing useful information.
[1]
http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html#DName
end of section refers to comma escaping
--
You are receiving this mail because:
You are the assignee for the bug.
