Please take a review at https://cr.openjdk.java.net/~weijun/8215694/webrev.00/
This bug reveals several issues: 1. Encoding of the RSASSA-PSS signature algorithm in PKCS10 and X509CertImpl. 2. The missing of setParameter() call for PKCS10 and X509CertImpl. 3. All keytool commands of -genkeypair, -certreq, -gencert, -selfcert are affected. 4. Wrong NULL after encoding of RSASSA-PSS key algorithm. Please confirm this is safe to be fixed in JDK 12. Thanks, Max