On Mon, 1 May 2023 19:49:05 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> Could someone help review this PKCS11KeyStore fix regarding the cert chain > removal? > > The proposed fix will not remove the cert if it has a corresponding private > key or is an issuer of other entities in the same keystore. > > Thanks, > Valerie As Max pointed out to use SecurityTools.keytool to generate keys/certs, I'd like to suggest using it to add a test case for pk1->pk2->ca, to test when deleting an intermediate cert. ------------- PR Comment: https://git.openjdk.org/jdk/pull/13743#issuecomment-1536764393
