RFR: 8275252: Migrate cacerts from JKS to password-less PKCS12
Weijun Wang
weijun at openjdk.java.net
Thu Oct 14 17:34:50 UTC 2021
On Thu, 14 Oct 2021 13:36:19 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> The cacerts file is now a password-less PKCS12 file. This make sure old code that uses a JKS KeyStore object can continuously load it using a null password (in fact, any password) and see all certificates inside.
If you look into the code change for `make/ToolsJdk.gmk`, you can see 2 system properties used while generating the new cacerts file. With them, the new file becomes password-less.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5948
More information about the build-dev
mailing list