RFR: 8275252: Migrate cacerts from JKS to password-less PKCS12
Michael Osipov
duke at openjdk.java.net
Thu Oct 14 20:01:47 UTC 2021
On Thu, 14 Oct 2021 19:50:33 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>
>
> No, this PR is totally independent. Once a password-less pkcs12 file is generated, it can be read by any JDK since JDK 7u with a null password and the certs are visible. The other 2 tickets are all about storing, storing with a null password, storing with a default algorithm.
>
> I've made JDK-8274913 public. It's just an idea and not proposed to any release.
OK, now I see. This makes sense now. Storing is a different and as I see in your code somewhere `NONE` needs to be provided and it is not obvious apparently. Storing will remain a pain in all JDK versions unless JDK-8274913 is implemented which will solve JDK-8231107.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5948
More information about the build-dev
mailing list