After 8278449, we seem to ignore in the call ` if (SecTrustSettingsCopyTrustSettings(certRef, kSecTrustSettingsDomainUser, &trustSettings) == errSecItemNotFound) `
all trusted certs from admin and system domains, so a lot more certs are ignored than necessary. Probably we should take at least the certs with trust settings from kSecTrustSettingsDomainUser, kSecTrustSettingsDomainAdmin and kSecTrustSettingsDomainSystem domains . ------------- Commit messages: - JDK-8303465 Changes: https://git.openjdk.org/jdk/pull/12829/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=12829&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8303465 Stats: 9 lines in 1 file changed: 7 ins; 0 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/12829.diff Fetch: git fetch https://git.openjdk.org/jdk pull/12829/head:pull/12829 PR: https://git.openjdk.org/jdk/pull/12829
