On Thu, 28 Apr 2022 14:35:54 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> We added a new system property back in > https://bugs.openjdk.java.net/browse/JDK-8153005 but it's better to describe > it in the `java.security` file as well. > > Please review the text. I especially added the last sentence so that people > won't set `-Dkeystore.pkcs12.legacy=false`. src/java.base/share/conf/security/java.security line 1174: > 1172: # If the property is not set or empty, a default value will be used. > 1173: # > 1174: # For compatibility, the system property "keystore.pkcs12.legacy" can > be set Was wondering if we should add why you might want to set this property, ex: "For compatibility with JDK or PKCS12 implementations that do not support the stronger algorithms ..." Compatibility with prior JDK versions should be less of an issue over time as these stronger settings and algs have been backported to prior JDKs. ------------- PR: https://git.openjdk.java.net/jdk/pull/8452
