On Mon, 1 May 2023 19:49:05 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> Could someone help review this PKCS11KeyStore fix regarding the cert chain > removal? > > The proposed fix will not remove the cert if it has a corresponding private > key or is an issuer of other entities in the same keystore. > > Thanks, > Valerie It's your decision. My point is that PEM data files, although in text mode, are still binary data and not human readable. You probably need some explanation on how to recreate them and that is equivalent to adding several `keytool` calls inside the test. Yes, I understand with the key generation calls the test will run much slower. ------------- PR Comment: https://git.openjdk.org/jdk/pull/13743#issuecomment-1536869563
