Hi, I recently came across a scenario where I wanted to use a self-built OpenJDK 8 in a maven build and it could not download artefacts due to missing root certificates. I helped myself by replacing the cacerts with some other version from a later OpenJDK and came over the issue. However, I’ve asked myself whether it was possible/worthwhile to get the root certificates also into an OpenJDK 8 update?
With JEP 319 [0], Oracle has open-sourced the root certificates into OpenJDK. The initial check-in was done for jdk10, via bug JDK-8189131 [1]. After that, several commits have been made to update the set of root certificates and improve the tests. Now my questions are: Is it legally possible to bring these root certificates also into OpenJDK 8? Since it is a JEP, can the “feature” be added to OpenJDK 8 via an update release? And, last but not least, would there be interest in the community for that at all? Just trying to start a discussion… 😊 Best regards Christoph [0] http://openjdk.java.net/jeps/319 [1] https://bugs.openjdk.java.net/browse/JDK-8189131
