On Wed, 30 Jul 2025 13:51:41 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> No need to probe if the particular keystore is disabled seems more >> efficient? Anyhow, I made the suggested change as it has the merits of >> finding out the result of the probe through debugging. > > Well there is a compatibility mode (enabled by default) which allows PKCS12 > keystores to be read as JKS, and vice-versa, so I think it is better to probe > the file to see precisely what format it is in. See the > [keystore.type.compat](https://github.com/openjdk/jdk/blob/a2e86ff3c56209a14c6e9730781eecd12c81d170/src/java.base/share/conf/security/java.security#L304) > security property for details. Hmm, interesting. I see. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2244148365