RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v4]
Hai-May Chao
hchao at openjdk.java.net
Mon Jan 24 21:21:58 UTC 2022
On Mon, 24 Jan 2022 16:00:14 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> No change. This is because `caks` global variable can only be initialized with cacerts keystore when the `trustcacerts` option is specified; otherwise if has to be kept null. `buildTrustedCerts`() is always executed.
>
> I was thinking `buildTrustedCerts` could return the cacerts `KeyStore`, and you could assign that instead to `caks` if `trustcacerts` is true.
Done as suggested.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7039
More information about the security-dev
mailing list