stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8168861: AnchorCertificates uses hardcoded password for cacerts keystore

Browse Source 
Reviewed-by: vinnie, mullan
This commit is contained in:
Anthony Scarpino 2016-11-14 10:13:38 -08:00
parent c8163c0388
commit a556619f93
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
View File

@ -58,7 +58,7 @@ public class AnchorCertificates {
try { try {
cacerts = KeyStore.getInstance("JKS"); cacerts = KeyStore.getInstance("JKS");
try (FileInputStream fis = new FileInputStream(f)) { try (FileInputStream fis = new FileInputStream(f)) {
cacerts.load(fis, "changeit".toCharArray()); cacerts.load(fis, null);
certs = new HashSet<>(); certs = new HashSet<>();
Enumeration<String> list = cacerts.aliases(); Enumeration<String> list = cacerts.aliases();
String alias; String alias;