On Sat, 4 Apr 2026 12:25:28 GMT, Daisuke Yamazaki <[email protected]> wrote:
> Use `X509CertImpl.newSigned` to simplify certificate generation. > > `newSigned` internally sets the `AlgorithmId` and performs signing, so the > explicit `AlgorithmId` configuration and `sign` call are removed as > redundant. > > No functional change intended. Looks fine. Some tiny comments: The program was written long time ago before module. You might want to add a comment on how to run it now. Something like: java --add-exports java.base/sun.security.x509=ALL-UNNAMED GenKeyStore.java Also, the `getCertificate()` signature line is a little too long. And please update the copyright year to 2026. Thanks. ------------- PR Comment: https://git.openjdk.org/jdk/pull/30577#issuecomment-4187174676
