Good catch Max. I’ll add the check there too.
> On 2 Jul 2016, at 02:04, Wang Weijun <weijun.w...@oracle.com> wrote: > > Should engineSetKeyEntry make the same check? > > --Max > >> On Jul 2, 2016, at 5:52 AM, Vincent Ryan <vincent.x.r...@oracle.com> wrote: >> >> Please review this change to correct two failing JCK tests. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8068290 >> Webrev: http://cr.openjdk.java.net/~vinnie/8068290/webrev.00/ >> >> PKCS12 is the default keystore type in JDK 9 and its implementation stores >> only X.509 certificates >> although the KeyStore API allows any Certificate object to be stored. >> This fix checks that the supplied certificate is an X509Certificate object >> before storing it. >> >> Thanks. >> >
