[jdk17u] RFR: 8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates
Christoph Langer
clanger at openjdk.org
Tue Jun 13 13:47:02 UTC 2023
On Wed, 7 Jun 2023 07:50:43 GMT, Christoph Langer <clanger at openjdk.org> wrote:
> Hi all,
>
> This pull request contains a backport of [JDK-8303465](https://bugs.openjdk.org/browse/JDK-8303465), commit [ac41c030](https://github.com/openjdk/jdk/commit/ac41c030030c3d31815474c793ac9c420c47e22c) from the [openjdk/jdk](https://git.openjdk.org/jdk) repository.
>
> This is an improvement for the handling of certificates from the MacOSX keychain which regressed since the April 2022 CPU update (17.0.3) and does not show all appropriate certificates that it should do. The fix was just recently submitted in head and came too late for the regular dev cycle for 17.0.8. However, I would ask to include it now in rampdown, since we have an open customer issue that it would solve. Since our customer is consuming the JDK via Eclipse/Adoptium, it would also not suffice to cherry-pick it into the SapMachine build only, so that's why my request is to take it into 17.0.8.
>
> The backport applied cleanly. It involves a CSR but the original CSR has been approved for all relevant backport releases.
>
> Thanks
> Christoph
I see jdk17u-critical-yes.
-------------
PR Comment: https://git.openjdk.org/jdk17u/pull/371#issuecomment-1589346123
More information about the jdk-updates-dev
mailing list