On Thu, 2 Mar 2023 13:33:53 GMT, Matthias Baesken <mbaes...@openjdk.org> wrote:
> After 8278449, we seem to ignore in the call > > ` if (SecTrustSettingsCopyTrustSettings(certRef, > kSecTrustSettingsDomainUser, &trustSettings) == errSecItemNotFound) ` > > all trusted certs from admin and system domains, so a lot more certs are > ignored than necessary. > Probably we should take at least the certs with trust settings from > kSecTrustSettingsDomainUser, kSecTrustSettingsDomainAdmin and > kSecTrustSettingsDomainSystem domains . Oops, seems the `security` command is failing when running the test on our testing clients. Maybe no user privilege? I'll do more investigation and maybe have to make it an internal test or manual one. It does run fine on my own machine. ------------- PR: https://git.openjdk.org/jdk/pull/12829
