| author | amjiang |
| Fri, 27 Oct 2017 09:51:48 -0700 | |
| changeset 47470 | 359c604930af |
| parent 47216 | 71c04702a3d5 |
| child 47474 | 3739268c203f |
| permissions | -rw-r--r-- |
|
38380
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
1 |
Keystores used for the JSSE regression test suite. |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
2 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
3 |
keystore |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
4 |
truststore |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
5 |
========== |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
6 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
7 |
These are the primary two keystores and contain entries for testing most |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
8 |
of the JSSE regression test files. There are three entries, one RSA-based, |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
9 |
one DSA-based and one EC-based. If they expire, simply recreate them |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
10 |
using keytool and most of the test cases should work. |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
11 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
12 |
The password on both files is: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
13 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
14 |
passphrase |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
15 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
16 |
There are no individual key entry passwords at this time. |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
17 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
18 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
19 |
keystore entries |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
20 |
================ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
21 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
22 |
Alias name: dummy |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
23 |
----------------- |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
24 |
Creation date: May 16, 2016 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
25 |
Entry type: PrivateKeyEntry |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
26 |
Certificate chain length: 1 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
27 |
Certificate[1]: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
28 |
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
29 |
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
30 |
Serial number: 57399b87 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
31 |
Valid from: Mon May 16 10:06:38 UTC 2016 until: Sat May 16 10:06:38 UTC 2026 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
32 |
Signature algorithm name: SHA256withRSA |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
33 |
Version: 1 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
34 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
35 |
This can be generated using hacked (update the keytool source code so that |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
36 |
it can be used for version 1 X.509 certificate) keytool command: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
37 |
% keytool -genkeypair -alias dummy -keyalg RSA -keysize 2048 \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
38 |
-sigalg SHA256withRSA \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
39 |
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
40 |
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
41 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
42 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
43 |
Alias name: dummyecdsa |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
44 |
---------------------- |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
45 |
Creation date: May 16, 2016 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
46 |
Entry type: PrivateKeyEntry |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
47 |
Certificate chain length: 1 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
48 |
Certificate[1]: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
49 |
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
50 |
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
51 |
Serial number: 57399c1d |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
52 |
Valid from: Mon May 16 10:09:01 UTC 2016 until: Sat May 16 10:09:01 UTC 2026 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
53 |
Signature algorithm name: SHA256withECDSA |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
54 |
Version: 1 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
55 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
56 |
This can be generated using hacked (update the keytool source code so that |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
57 |
it can be used for version 1 X.509 certificate) keytool command: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
58 |
% keytool -genkeypair -alias dummy -keyalg EC -keysize 256 \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
59 |
-sigalg SHA256withECDSA \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
60 |
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
61 |
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
62 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
63 |
Alias name: dummydsa |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
64 |
-------------------- |
|
47470
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
65 |
Creation date: Sep 20, 2017 |
|
38380
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
66 |
Entry type: PrivateKeyEntry |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
67 |
Certificate chain length: 1 |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
68 |
Certificate[1]: |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
69 |
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
70 |
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US |
|
47470
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
71 |
Serial number: 4e8ca03d |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
72 |
Valid from: Wed Sep 20 11:10:34 PDT 2017 until: Mon Sep 20 11:10:34 PDT 2027 |
|
38380
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
73 |
Certificate fingerprints: |
|
47470
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
74 |
MD5: 5F:6F:01:75:BF:6C:40:B9:65:C0:8D:00:AE:6F:BD:38 |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
75 |
SHA1: 31:06:4E:07:B2:01:78:8F:F4:6B:B6:6E:AC:C5:16:76:8B:1A:58:81 |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
76 |
SHA256: 86:A1:E6:69:EE:00:50:35:2A:56:F7:F9:8B:61:2B:83:51:44:EA:E9:B0:EF:34:77:94:05:97:8B:73:5A:B0:68 |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
77 |
Signature algorithm name: SHA256withDSA |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
78 |
Version: 3 |
|
38380
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
79 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
80 |
This can be generated using hacked (update the keytool source code so that |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
81 |
it can be used for version 1 X.509 certificate) keytool command: |
|
47470
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
82 |
% keytool -genkeypair -alias dummydsa -keyalg DSA -keysize 2048 \ |
|
359c604930af
8176354: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" erro
amjiang
parents:
47216
diff
changeset
|
83 |
-sigalg SHA256withDSA \ |
|
38380
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
84 |
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
85 |
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
86 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
87 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
88 |
truststore entries |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
89 |
================== |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
90 |
This key store contains only trusted certificate entries. The same |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
91 |
certificates are used in both keystore and truststore. |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
92 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
93 |
|
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
94 |
unknown_keystore |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
95 |
================ |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
96 |
A keystore you can use when you don't want things to be verified. |
|
24e6bb1a50ac
8157035: Use stronger algorithms and keys for JSSE testing
xuelei
parents:
diff
changeset
|
97 |
Use this with keystore/truststore, and you'll never get a match. |