Closed val1984 closed 1 year ago
I am not sure about this change, mostly because I am unaware on how expired or removed certificates are handled.
Another workaround would be to set a different location manually with javax.net.ssl.trustStore
and javax.net.ssl.keyStore
There are new major Java releases every 6 months, which have different package identifiers, so I think the risk of keeping forever a stale cacerts
file is limited, no?
When you add certificates to your trust store, they are lost after update because the
cacerts
file is not persisted. This PR adds apersist
section inopenjdk18
manifest so that cacerts are kept between updates.