This looks good, just a few comments:
KeyStoreUtil:
79 if (!ca.getSubjectDN().equals(end.getIssuerDN())) {
Use getSubjectX500Principal instead of getSubjectDN as the DN matching
algorithm is more precise.
Resources:
246 "The %1$s algorithm used as %2$s is considered
Hi All
Please take a look at
http://cr.openjdk.java.net/~weijun/8130132/webrev.00/
These new warnings will be added to jarsigner:
The signer's certificate is self-signed.
This jar contains entries whose signer certificate is self-signed.
The %1$s algorithm used as %2$s is considered a
