[
https://issues.apache.org/jira/browse/DIRSERVER-2242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16572980#comment-16572980
]
Stefan Seelmann commented on DIRSERVER-2242:
--------------------------------------------
Emmanuel, sorry but I didn't update the Jira. It should all be fixed already,
see
[https://github.com/apache/directory-server/commit/fbf65dd9a978c00843137f3f01d96a3f52dae836]
Also the migration is not an issue, Oracle did a good thing: In Java 9-11 the
default is PKCS12, but if it detects that a keystore is JKS it can read it. And
Java 8 defaults to JKS but can also read PKCS12.
> Keystore change from JKS to PKCS12
> ----------------------------------
>
> Key: DIRSERVER-2242
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2242
> Project: Directory ApacheDS
> Issue Type: Improvement
> Reporter: Stefan Seelmann
> Priority: Major
>
> Until Java 8 the default key store was JKS, since Java 9 the default is
> PKCS12.
> In the server code when we use key stores there is a mix of
> * KeyStore.getInstance( KeyStore.getDefaultType() );
> * KeyStore.getInstance( "JKS" );
> This needs to be cleaned up.
> There is also the question if an automatic migration from existing JKS stores
> in existing installations .to PKCS12 is possible
> Workaround is to change default keystore to JKS (property keystore.type in
> $JAVA_HOME/conf/security/java.security)
> Reference: http://openjdk.java.net/jeps/229
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
