On 4/6/20 11:11 PM, Weijun Wang wrote:
Please review the fix athttp://cr.openjdk.java.net/~weijun/8242184/webrev.00/ The major change is inside X509CRLImpl.java to allow params setting and reading. I also take this chance to: 1. Provide a default -sigalg for "keytool -genkeypair -keyalg rsassa-pss".
I think you should file a CSR for that, since it is a new default, and the default varies based on the size of the key. You should also update the keytool man page section on defaults.
--Sean
2. Revert a former change in X509CertImpl.java, which might be a safer call. Thanks, Max
