Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1512647

Summary: ERROR "keytool : java.util.IllegalFormatConversionException: d != java.lang.String" when using keytool from openjdk- on RHEL 7.4
Product: Red Hat Enterprise Linux 7 Reporter: Issa Gueye <igueye>
Component: java-1.8.0-openjdkAssignee: Andrew John Hughes <ahughes>
Status: CLOSED ERRATA QA Contact: Lukas Zachar <lzachar>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.4CC: ahughes, dbhole, jvanek, sgehwolf
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Fixed In Version: java-1.8.0-openjdk- Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-10 15:52:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1471969    
Description Flags
outputs of: "$ java -XshowSettings:locale,properties -version" from reproducible machine OS none

Description Issa Gueye 2017-11-13 18:46:25 UTC
Created attachment 1351656 [details]
outputs of:  "$ java -XshowSettings:locale,properties -version" from reproducible machine OS

Description of problem:

A customer upgraded to latest RHEL 7.4.
They face the below error when using keytool from openjdk 1.8.0 u151 to import a certificate in  a keystore:

ERROR "keytool : java.util.IllegalFormatConversionException: d != java.lang.String"

Version-Release number of selected component (if applicable):


How reproducible:

easy to reproduce using keytool from openjdk- on RHEL 7.4 (for some languages other than English)

Steps to Reproduce:

# keytool -importcert -alias mYdomain -file mYdomain.cer -keystore mYkeystore

Actual results:

   error keytool : java.util.IllegalFormatConversionException: d !=

Expected results:

No error expected.

Additional info:

Comment 3 Severin Gehwolf 2017-11-15 14:45:46 UTC
Reproducer is:

$ echo -en 'DE\nBavaria\nFoo\nRed Hat\nTest Dpt.\\n\n' > infile
$ echo -n 'testme\ntestme\n' | openssl req -passout stdin -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -batch < infile
$ echo -en 'changeme\nchangeme\nyes' | keytool -J-Duser.language=fr -importcert -alias mYdomain -file cert.pem -keystore mYkeystore2
Entrez le mot de passe du fichier de clés :  Ressaisissez le nouveau mot de passe : erreur keytool : java.util.IllegalFormatConversionException: d != java.lang.String
$ echo -en 'changeme\nchangeme\nyes' | keytool -J-Duser.language=es -importcert -alias mYdomain -file cert.pem -keystore mYkeystore2
Introduzca la contraseña del almacén de claves:  Volver a escribir la contraseña nueva: error de herramienta de claves: java.util.IllegalFormatConversionException: d != java.lang.String

Last step works with English:

$ echo -en 'changeme\nchangeme\nyes' | keytool -J-Duser.language=en -importcert -alias mYdomain -file cert.pem -keystore mYkeystore2
Enter keystore password:  Re-enter new password: Owner: O=Default Company Ltd, L=Default City, C=XX
Issuer: O=Default Company Ltd, L=Default City, C=XX
Serial number: b4984987daae9882
Valid from: Wed Nov 15 15:35:37 CET 2017 until: Thu Nov 15 15:35:37 CET 2018
Certificate fingerprints:
	 MD5:  05:DA:19:E3:36:B4:22:85:E2:83:D6:47:71:FA:BD:31
	 SHA1: 04:C6:B9:50:B8:EA:23:06:FE:54:9C:2D:77:E8:1E:2C:A1:67:EB:22
	 SHA256: 67:14:29:CC:E2:8A:6F:3B:02:94:F0:90:56:D0:81:2B:B7:F2:A6:AC:F0:DA:21:58:B2:DA:94:20:02:4F:D9:B7
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3


#1: ObjectId: Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: EF 1A 2E FA 5C 95 16 5B   ED 0B C8 D9 EB A0 FA AC  ....\..[........
0010: 21 09 34 A0                                        !.4.

#2: ObjectId: Criticality=false

#3: ObjectId: Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: EF 1A 2E FA 5C 95 16 5B   ED 0B C8 D9 EB A0 FA AC  ....\..[........
0010: 21 09 34 A0                                        !.4.

Trust this certificate? [no]:  Certificate was added to keystore

This is keytool from java-1.8.0-openjdk 151-b12:
$ which keytool
$ ls -l /usr/bin/keytool
lrwxrwxrwx. 1 root root 25 Oct 26 09:59 /usr/bin/keytool -> /etc/alternatives/keytool
$ ls -l /etc/alternatives/keytool
lrwxrwxrwx. 1 root root 75 Oct 26 09:59 /etc/alternatives/keytool -> /usr/lib/jvm/java-1.8.0-openjdk-

Comment 9 Andrew John Hughes 2017-11-24 06:20:23 UTC
Added link to new OpenJDK bug for the fix to the translations, JDK-8191840.

Comment 15 errata-xmlrpc 2018-04-10 15:52:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.