[jdk21u-dev] Integrated: 8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation

[Satyen Subramaniam]

On Mon, 9 Jun 2025 17:34:53 GMT, Satyen Subramaniam <ssubramaniam at openjdk.org> wrote:

> Backporting JDK-8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation. With the current code, the enhancement developed to allow keystore access provider SunMSCAPI to access the Windows Local Computer keystore, [JDK-6782021](https://bugs.openjdk.org/browse/JDK-6782021), works as expected only if processes are run as elevated. When run with non-elevated access, the SunMSCAPI provider fails to access a read only private key from the Local Computer certificate store. Adjusts code so if the process does not have write permissions, the store is opened as read-only (instead of failing). Ran GHA Sanity Checks, local Tier 1 and 2, and modified test directly (although not on a Windows machine). Patch is clean.

This pull request has now been integrated.

Changeset: 96866ce3
Author:    Satyen Subramaniam <ssubramaniam at openjdk.org>
URL:       https://git.openjdk.org/jdk21u-dev/commit/96866ce3211dcf0e8b681854ae250ca421bd91bf
Stats:     33 lines in 2 files changed: 5 ins; 22 del; 6 mod

8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation

Backport-of: db535c86bc56b89b7213b3b097d80935fe9e8516

-------------

PR: https://git.openjdk.org/jdk21u-dev/pull/1860