The "PKCS12" KeyStore type included in the JSSE reference
implementation security provider only supports load() and not save().
This means that the keytool utility may be used to view but not edit
pkcs12 files. The implementation supports PBEWithSHAAnd3KeyTripleDES
for shrouded private keys and PBEWithSHAAnd40BitRC2 for safe contents
elements. This should be compatible with PKCS12 files exported by
Netscape Communicator version 4.04 and later. PKCS12 files using other
algorithms can first be imported to Communicator and then exported in a
compatible format.
SSL server-side sockets may emit legal but unnecessary HelloRequest
messages during handshaking.
Under certain limited circumstances, if a fractional portion of an
InputStream object returned from an https reply is read and the
InputStream is then closed, and if a new https request to the same
server is made before the cached persistent connection times out, the
read will return the remainder of the first InputStream instead of the
second. This is more apparent when amounts larger than 2000 bytes
remain to be read. (Sun Bug Id: 4297363)
Two Workarounds exist:
Turn off persistent connection support for https. (NOTE: persistent
connection support was introduced in JDK 1.3). This feature is
disabled by setting the System property "http.keepAlive" to false.
Unfortunately, this will affect the default JDK http handler if using
JDK 1.3 (and above).
Completely read the InputStream before starting a new connection.