Hi David,
On 2/4/2019 2:08 AM, David Penick wrote:
I’ve downloaded OpenJDK builds from AdoptOpenJDK and Azul Zulu, and I’ve
noticed that the jce.jar, sunjce_provider.jar and sunpkcs11.jar jar
files do not appear to be signed. I’m surprised they work without being
signed, but I also haven’t bee
The OpenJDK JCA does not do provider signature checking. So you can install
your own providers and don’t need to sign them.
Gruss
Bernd
--
http://bernd.eckenfels.net
Von: security-dev im Auftrag von David
Penick
Gesendet: Montag, Februar 4, 2019 11:18 AM
An: s
I’ve downloaded OpenJDK builds from AdoptOpenJDK and Azul Zulu, and I’ve
noticed that the jce.jar, sunjce_provider.jar and sunpkcs11.jar jar files
do not appear to be signed. I’m surprised they work without being signed,
but I also haven’t been able to find anyone asking how to get signed
versions
