8168861: AnchorCertificates uses hardcoded password for cacerts keystore

Reviewed-by: vinnie, mullan
2016-11-14 10:13:38 -08:00 · 2016-11-14 10:13:38 -08:00 · a556619f93
commit a556619f93
parent c8163c0388
1 changed files with 1 additions and 1 deletions
--- a/jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
+++ b/jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
@ -58,7 +58,7 @@ public class AnchorCertificates {
                try {
                    cacerts = KeyStore.getInstance("JKS");
                    try (FileInputStream fis = new FileInputStream(f)) {
-                        cacerts.load(fis, "changeit".toCharArray());
+                        cacerts.load(fis, null);
                        certs = new HashSet<>();
                        Enumeration<String> list = cacerts.aliases();
                        String alias;