This change addresses the scenario where a certificate is first stored as part of a certificate chain and then stored again as a certificate corresponding to a PrivateKey entry. Newer version of NSS errors out with CKR_GENERAL_ERROR with the 2nd store, i.e. C_CreateObject() call.
Proposed fix is to check for match before calling C_CreateObject(), if a match is found, set its alias instead. ------------- Commit messages: - 8309214: sun/security/pkcs11/KeyStore/CertChainRemoval.java fails after 8301154 Changes: https://git.openjdk.org/jdk/pull/15146/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=15146&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8309214 Stats: 53 lines in 2 files changed: 39 ins; 12 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/15146.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/15146/head:pull/15146 PR: https://git.openjdk.org/jdk/pull/15146
