RFR: 8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates [v6]
Christoph Langer
clanger at openjdk.org
Sun May 21 21:32:59 UTC 2023
On Fri, 19 May 2023 20:28:42 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Since you removed the key usage checks, can you update the PR description please?
Done.
> src/java.base/macosx/classes/apple/security/KeychainStore.java line 808:
>
>> 806: // Check whether a certificate with same alias already exists and is the same
>> 807: // If yes, we can return here - the existing entry must have the same
>> 808: // properties and trust settings
>
> This is always true, right? I'm not sure how this could happen.
This handles the case, when a certificate is in both, the login (user) and system keychain.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13945#issuecomment-1556296651
PR Review Comment: https://git.openjdk.org/jdk/pull/13945#discussion_r1199830388
More information about the security-dev
mailing list