RFR 8244148: keytool -printcert and -printcrl should support the -trustcacerts and -keystore options
Hai-May Chao
hai-may.chao at oracle.com
Mon Jun 1 18:37:04 UTC 2020
Hi,
I’d like to request a review for:
JBS: https://bugs.openjdk.java.net/browse/JDK-8244148
CSR: https://bugs.openjdk.java.net/browse/JDK-8246269
Webrev: http://cr.openjdk.java.net/~hchao/8244148/webrev.00/
The change is to add the support of -trustcacerts and -keystore options to -printcert and -princrl command for keytool. This enables keytool to use the trusted certificates when verifying untrusted artifacts that are signed by CAs. It also incorporates Max’s change that consolidates the code to get the default location of cacerts keystore.
Thanks,
Hai-May
More information about the security-dev
mailing list