You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by bu...@apache.org on 2007/09/19 15:51:43 UTC
DO NOT REPLY [Bug 43414] - Cannot parse X509 cert with key size longer than 2048 (JRE 1.4)
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43414>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43414
sean.mullan@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
------- Additional Comments From sean.mullan@sun.com 2007-09-19 06:51 -------
There are a couple of problems with the proposed solution.
First, there are plenty of other places in the code in which other JCE/JCA
engine classes are instantiated without specifying a specific provider. Second,
one provider may not be the right provider for all of them (for example, they
may not support all of the algorithms you need).
A better solution, in my opinion, is to call the standard
java.security.Security.insertProviderAt API from your application which will
insert your preferred provider(s) at the preference you would like, ex:
Security.insertProvider(new BouncyCastleProvider(), 1);
This will allow the JRE to fallback and try other installed
providers if the provider above does not support a requested algorithm or
parameters, etc.
Let me know if this works for you.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.