You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org> on 2006/09/28 17:52:50 UTC
[jira] Created: (GERONIMO-2443) Import CA reply should match the
public key in the keystore with that in the certificate from CA.
Import CA reply should match the public key in the keystore with that in the certificate from CA.
-------------------------------------------------------------------------------------------------
Key: GERONIMO-2443
URL: http://issues.apache.org/jira/browse/GERONIMO-2443
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: security
Affects Versions: 1.1.1, 1.2
Environment: G1.1.1
Reporter: Vamsavardhana Reddy
Fix For: 1.1.2, 1.2
While importing CA reply into the keystore, the public key in the certificate issued by the CA should be matched with the public key that is currently in the keystore. java.securtiy.KeyStore.setKeyEntry does not complain if the privateKey and the publicKey in the certificate are not related An accidental import of a certificate corresponding to one public key along with an unrelated private key renders the key pair useless and results in errors while using the certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2443) Import CA reply should match the
public key in the keystore with that in the certificate from CA.
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2443?page=all ]
Vamsavardhana Reddy updated GERONIMO-2443:
------------------------------------------
Attachment: GERONIMO-2443-v1.2.patch
GERONIMO-2443-v1.2.patch: Before importing, checks if the public key in the certificate to be imported is same as the one in the keystore.
> Import CA reply should match the public key in the keystore with that in the certificate from CA.
> -------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-2443
> URL: http://issues.apache.org/jira/browse/GERONIMO-2443
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.2, 1.1.1
> Environment: G1.1.1
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.1.2
>
> Attachments: GERONIMO-2443-v1.2.patch
>
>
> While importing CA reply into the keystore, the public key in the certificate issued by the CA should be matched with the public key that is currently in the keystore. java.securtiy.KeyStore.setKeyEntry does not complain if the privateKey and the publicKey in the certificate are not related An accidental import of a certificate corresponding to one public key along with an unrelated private key renders the key pair useless and results in errors while using the certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-2443) Import CA reply should match the
public key in the keystore with that in the certificate from CA.
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2443?page=all ]
Vamsavardhana Reddy closed GERONIMO-2443.
-----------------------------------------
Resolution: Fixed
Fixed. Rev 470461 (trunk) and Rev 470470 (branches\1.1)
> Import CA reply should match the public key in the keystore with that in the certificate from CA.
> -------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-2443
> URL: http://issues.apache.org/jira/browse/GERONIMO-2443
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.2, 1.1.1
> Environment: G1.1.1
> Reporter: Vamsavardhana Reddy
> Fix For: 1.1.2, 1.2
>
> Attachments: GERONIMO-2443-v1.2.patch
>
>
> While importing CA reply into the keystore, the public key in the certificate issued by the CA should be matched with the public key that is currently in the keystore. java.securtiy.KeyStore.setKeyEntry does not complain if the privateKey and the publicKey in the certificate are not related An accidental import of a certificate corresponding to one public key along with an unrelated private key renders the key pair useless and results in errors while using the certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira