KeychainStore include user and predefined roots within one truststore
Tim Jacomb
timjacomb1 at gmail.com
Mon Jan 13 09:21:19 UTC 2025
Hi Sean
I don't have access to add to the bug report, but I've attached to the
GitHub pull request here:
https://github.com/openjdk/jdk/pull/22911#issuecomment-2586577905
(this can also be reproduced with this repository:
https://github.com/timja/openjdk-intermediate-ca-reproducer)
Thanks
Tim
On Thu, 9 Jan 2025 at 20:56, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> On 1/8/25 4:06 AM, Tim Jacomb wrote:
> > TLS handshake fails with PKIX path building error.
> >
> > Chain is Root -> Intermediate -> Leaf in the runnable example although
> > in our real-world use-case its Root -> Intermediate 1 -> Intermediate 2
> > -> Leaf
> > If I run the example only with Root -> Leaf then it works fine...
>
> It would be helpful if you can attach two logfiles (assuming the info
> isn't sensitive) to the bug report[1], one running with
> -Djavax.net.debug=all and the other with -Djava.security.debug=certpath.
>
> Thanks,
> Sean
>
> [1] https://bugs.openjdk.org/browse/JDK-8347067
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20250113/41396d1a/attachment.htm>
More information about the security-dev
mailing list