On Fri, 12 May 2023 02:23:17 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Could someone help review this PKCS11KeyStore fix regarding the cert chain >> removal? >> >> The proposed fix will not remove the cert if it has a corresponding private >> key or is an issuer of other entities in the same keystore. >> >> Thanks, >> Valerie > > Valerie Peng has updated the pull request incrementally with one additional > commit since the last revision: > > Changed to use keytool to generate keypairs instead of importing from > data files. Marked as reviewed by hchao (Committer). Changes look good to me. Nice to add the cert chain (i.e. root/ca1/pk1) to the test case. The raw file `temp.ks` is shown in the webrev (to be created by the test), so will not be part of the integration, right? ------------- PR Review: https://git.openjdk.org/jdk/pull/13743#pullrequestreview-1424933567 PR Comment: https://git.openjdk.org/jdk/pull/13743#issuecomment-1546085439