Missing root CAs in cacerts

Andreas Ahlenstorf andreas at ahlenstorf.ch
Mon May 18 10:51:26 UTC 2020

On Mon, May 18, 2020, at 11:42, Andrew Haley wrote:
> What does Windows do? Do they have a system-wide list?

Both Microsoft and Apple have their own CA root program and system-wide APIs to access the list trusted of CA certificates. From an admin's POV, it would be great if those lists could be reused. 

* https://docs.microsoft.com/en-us/security/trusted-root/program-requirements
* https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-certificate-store-operations

* https://www.apple.com/certificateauthority/ca_program.html
* https://developer.apple.com/documentation/security/keychain_services


More information about the jdk-dev mailing list