RFR 8215776: Keytool importkeystore may mix up certificate chain entries when DNs conflict
Weijun Wang
weijun.wang at oracle.com
Wed Jan 9 14:59:18 UTC 2019
Please take a review at
https://cr.openjdk.java.net/~weijun/8215776/webrev.00/
PKCS12KeyStore now can find certificate issuers more precisely using SubjectKeyIdentifier and AuthorityKeyIdentifier. I thought about using CertPath builder or checking signatures but those changes are too much.
Thanks,
Max
More information about the security-dev
mailing list