On Fri, 21 Feb 2025 11:49:26 GMT, Mikhail Yankelevich <d...@openjdk.org> wrote:
> Changed shell files to be java tests: > * ./validator/certreplace.sh > * ./validator/samedn.sh test/jdk/sun/security/validator/CertReplace.java line 117: > 115: final String outputInt = SecurityTools.keytool(ktBaseParameters + > 116: "-export -rfc > -alias int").getOutput(); > 117: Files.write(certPath, outputInt.getBytes(), > StandardOpenOption.APPEND); There are several places that can be enhanced, mainly to reduce `keytool` calling: 1. There is no need to export certs for `user` and `int`. You already created them as `user.cert` and `int.cert`. 2. Since "certreplace.certs" starts with "user.cert", you can directly `keytool -gencert` into this file on line 103. 3. There is no need to import "user.cert" to alias user since we will delete the entry anyway. 4. Consider replacing `keytool -import` and `keytool -delete` calls using `KeyStore` API. You can enhance `KeyStoreUtils` in `/test/lib` if worth doing. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23727#discussion_r1965643259
