RFR: 8320362: Load anchor certificates from Keychain keystore [v5]
Weijun Wang
weijun at openjdk.org
Thu Feb 1 21:39:03 UTC 2024
On Thu, 1 Feb 2024 00:23:26 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> Please review the proposed fix.
>>
>> The patch loads system root certificates from the MacOS Keychain with TrustSettings.
>> It allows to build a trusted certificate path using the MacOS Keychain store only.
>
> Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
>
> Update CheckMacOSKeyChainTrust test
Will KEYCHAINSTORE-ROOT contains trusted certs inside KEYCHAINSTORE? I tried on my machine and there are some items not in `security dump-trust-settings -s`.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16722#issuecomment-1922289031
More information about the security-dev
mailing list