RFR: 8275252: Migrate cacerts from JKS to password-less PKCS12
Michael Osipov
duke at openjdk.java.net
Thu Oct 14 19:40:51 UTC 2021
On Thu, 14 Oct 2021 13:36:19 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> The cacerts file is now a password-less PKCS12 file. This make sure old code that uses a JKS KeyStore object can continuously load it using a null password (in fact, any password) and see all certificates inside.
Let me summarize/rephrase your last message: To trick in the Makefile and the changed Java code (same way as I do in my code) produce a password-less truststore. Now since JDK-8231107 depicts that loading with a null password does not work the same way as with JKS this means that JDK-8231107 must also be applied to all supported JDK versions to make the output of this PR usable. Doesn't it? Note: JDK-8274913 is not publically available and I don't have a JBS account also I do report issues with Apache projects to Rory O'Donnell sometimes.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5948
More information about the build-dev
mailing list