Hynek Švábek created ELY-786: -------------------------------- Summary: KeyAlias can be overwritten by CredentialStore alias entry. Key: ELY-786 URL: https://issues.jboss.org/browse/ELY-786 Project: WildFly Elytron Issue Type: Bug Reporter: Hynek Švábek Assignee: Darran Lofthouse Priority: Critical KeyAlias can be overwritten by CredentialStore alias entry. {code} /subsystem=elytron/credential-store=cskeyalias:add(uri="cr-store://test/cskeyalias.jceks?store.password=pass123;create.storage=true;key.alias=adminKeyAlias") {code} {code} /subsystem=elytron/credential-store=credStore001/alias=adminKeyAlias:add(secret-value=Elytron) {code} Using of default key.alias parameter has same result *Suggestion for solution* Add check that aliasName isn't keyAlias. https://github.com/wildfly-security/wildfly-elytron/blob/5f0ed115ea265240... -- This message was sent by Atlassian JIRA (v7.2.3#72005)