[jdk17u] RFR: 8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates

[Christoph Langer]

Hi all,

This pull request contains a backport of [JDK-8303465](https://bugs.openjdk.org/browse/JDK-8303465), commit [ac41c030](https://github.com/openjdk/jdk/commit/ac41c030030c3d31815474c793ac9c420c47e22c) from the [openjdk/jdk](https://git.openjdk.org/jdk) repository.

This is an improvement for the handling of certificates from the MacOSX keychain which regressed since the April 2022 CPU update (17.0.3) and does not show all appropriate certificates that it should do. The fix was just recently submitted in head and came too late for the regular dev cycle for 17.0.8. However, I would ask to include it now in rampdown, since we have an open customer issue that it would solve. Since our customer is consuming the JDK via Eclipse/Adoptium, it would also not suffice to cherry-pick it into the SapMachine build only, so that's why my request to take it into 17.0.8.

The backport applied cleanly. It involves a CSR but the original CSR has been approved for all relevant backport releases.

Thanks
Christoph

-------------

Commit messages:
 - Backport ac41c030030c3d31815474c793ac9c420c47e22c

Changes: https://git.openjdk.org/jdk17u/pull/371/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk17u&pr=371&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8303465
  Stats: 241 lines in 3 files changed: 193 ins; 32 del; 16 mod
  Patch: https://git.openjdk.org/jdk17u/pull/371.diff
  Fetch: git fetch https://git.openjdk.org/jdk17u.git pull/371/head:pull/371

PR: https://git.openjdk.org/jdk17u/pull/371