RFR 8215776: Keytool importkeystore may mix up certificate chain entries when DNs conflict

Weijun Wang weijun.wang at oracle.com
Wed Jan 9 14:59:18 UTC 2019


Please take a review at

  https://cr.openjdk.java.net/~weijun/8215776/webrev.00/

PKCS12KeyStore now can find certificate issuers more precisely using SubjectKeyIdentifier and AuthorityKeyIdentifier. I thought about using CertPath builder or checking signatures but those changes are too much.

Thanks,
Max


More information about the security-dev mailing list