RFR: 8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates [v6]
Weijun Wang
weijun at openjdk.org
Mon May 22 22:45:53 UTC 2023
On Sun, 21 May 2023 21:29:50 GMT, Christoph Langer <clanger at openjdk.org> wrote:
>> src/java.base/macosx/classes/apple/security/KeychainStore.java line 808:
>>
>>> 806: // Check whether a certificate with same alias already exists and is the same
>>> 807: // If yes, we can return here - the existing entry must have the same
>>> 808: // properties and trust settings
>>
>> This is always true, right? I'm not sure how this could happen.
>
> This handles the case, when a certificate is in both, the login (user) and system keychain.
How do you know "the existing entry must have the same properties and trust settings"?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13945#discussion_r1201258508
More information about the security-dev
mailing list