On Thu, 14 Oct 2021 13:36:19 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> The cacerts file is now a password-less PKCS12 file. This make sure old code > that uses a JKS KeyStore object can continuously load it using a null > password (in fact, any password) and see all certificates inside. If you look into the code change for `make/ToolsJdk.gmk`, you can see 2 system properties used while generating the new cacerts file. With them, the new file becomes password-less. ------------- PR: https://git.openjdk.java.net/jdk/pull/5948
