If you want to monitor security access, you can set the java.security.debug
System property. To see a list of all debugging options, use the help
setting:
java -Djava.security.debug=help
Note:
Separate multiple options with a comma.
For more information, on debugging utilities please visit JSSE Reference Guide.
The following table lists java.security.debug
options and links to further information about each option:
Option | Description | Further Information |
---|---|---|
all |
Turn on all debugging | None |
access |
Print all results from the You can use the following options with the
You can use the following options with the
|
|
certpath |
Turns on debugging for the PKIX CertPathValidator and CertPathBuilder
implementations. You can use the ocsp option with the certpath option for OCSP protocol tracing.
A hexadecimal dump of the OCSP request and response bytes is displayed. |
|
combiner |
SubjectDomainCombiner
debugging |
|
configfile |
JAAS (Java Authentication and Authorization Service) configuration file loading | |
configparser |
JAAS configuration file parsing | |
gssloginconfig |
Java GSS (Generic Security Services) login configuration file debugging |
|
jar |
JAR file verification |
Note: Use the System property
|
jca |
JCA engine class debugging | |
keystore |
Keystore debugging |
|
logincontext |
LoginContext
results |
|
pcsc |
Java Smart Card I/O and SunPCSC provider debugging |
|
pkcs11 |
PKCS11 session manager debugging | |
pkcs11keystore |
PKCS11 KeyStore debugging | |
pkcs12 |
PKCS12 KeyStore debugging | None |
properties |
java.security configuration file debugging |
None |
policy |
Loading and granting permissions with policy file |
|
provider |
Security provider debugging |
|
scl |
Permissions SecureClassLoader
assigns |
|
sunpkcs11 |
SunPKCS11 provider debugging | |
ts |
Timestamping debugging | None |
x509 |
X.509 certificate debugging |