[ 
https://issues.apache.org/jira/browse/DIRSERVER-2242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16572980#comment-16572980
 ] 

Stefan Seelmann commented on DIRSERVER-2242:
--------------------------------------------

Emmanuel, sorry but I didn't update the Jira. It should all be fixed already, 
see 
[https://github.com/apache/directory-server/commit/fbf65dd9a978c00843137f3f01d96a3f52dae836]

Also the migration is not an issue, Oracle did a good thing: In Java 9-11 the 
default is PKCS12, but if it detects that a keystore is JKS it can read it. And 
Java 8 defaults to JKS but can also read PKCS12.

> Keystore change from JKS to PKCS12
> ----------------------------------
>
>                 Key: DIRSERVER-2242
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2242
>             Project: Directory ApacheDS
>          Issue Type: Improvement
>            Reporter: Stefan Seelmann
>            Priority: Major
>
> Until Java 8 the default key store was JKS, since Java 9 the default is 
> PKCS12.
> In the server code when we use key stores there is a mix of
>  * KeyStore.getInstance( KeyStore.getDefaultType() );
>  * KeyStore.getInstance( "JKS" );
> This needs to be cleaned up.
> There is also the question if an automatic migration from existing JKS stores 
> in existing installations .to PKCS12 is possible
> Workaround is to change default keystore to JKS (property keystore.type in 
> $JAVA_HOME/conf/security/java.security)
>  Reference: http://openjdk.java.net/jeps/229



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to