RFR: 8320362: Load anchor certificates from Keychain keystore [v7]
Alexey Bakhtin
abakhtin at openjdk.org
Mon Mar 18 20:25:29 UTC 2024
On Mon, 18 Mar 2024 14:28:02 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Hi @wangweij ,
>> Thank you for review.
>> Unfortunately `SecTrustCopyCustomAnchorCertificates` can not be used also. It is used to retrieve certificates from your own created SecTrust. As I know it is not possible to create/load SecTrust with predefined certs without reading`/System/Library/Keychains/SystemRootCertificates.keychain`
>
> Then this is the best solution we can find. I have no more comment and thanks a lot for the patience. You might need to finalize your CSR now.
Thank you. I've updated CSR and waiting for review.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16722#discussion_r1529226114
More information about the security-dev
mailing list