[jdk21u-dev] RFR: 8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation
Satyen Subramaniam
ssubramaniam at openjdk.org
Mon Jun 9 17:41:59 UTC 2025
Backporting JDK-8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation. With the current code, the enhancement developed to allow keystore access provider SunMSCAPI to access the Windows Local Computer keystore, [JDK-6782021](https://bugs.openjdk.org/browse/JDK-6782021), works as expected only if processes are run as elevated. When run with non-elevated access, the SunMSCAPI provider fails to access a read only private key from the Local Computer certificate store. Adjusts code so if the process does not have write permissions, the store is opened as read-only (instead of failing). Ran GHA Sanity Checks, local Tier 1 and 2, and modified test directly. Patch is clean.
-------------
Commit messages:
- Backport db535c86bc56b89b7213b3b097d80935fe9e8516
Changes: https://git.openjdk.org/jdk21u-dev/pull/1860/files
Webrev: https://webrevs.openjdk.org/?repo=jdk21u-dev&pr=1860&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8313367
Stats: 33 lines in 2 files changed: 5 ins; 22 del; 6 mod
Patch: https://git.openjdk.org/jdk21u-dev/pull/1860.diff
Fetch: git fetch https://git.openjdk.org/jdk21u-dev.git pull/1860/head:pull/1860
PR: https://git.openjdk.org/jdk21u-dev/pull/1860
More information about the jdk-updates-dev
mailing list