8168861: AnchorCertificates uses hardcoded password for cacerts keystore
authorascarpino
Mon, 14 Nov 2016 10:13:38 -0800
changeset 41973 02ccd977c632
parent 41972 7a6bbc72b32d
child 41974 28d3463c20b0
8168861: AnchorCertificates uses hardcoded password for cacerts keystore Reviewed-by: vinnie, mullan
jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
--- a/jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java	Tue Nov 08 16:18:41 2016 +0300
+++ b/jdk/src/java.base/share/classes/sun/security/util/AnchorCertificates.java	Mon Nov 14 10:13:38 2016 -0800
@@ -58,7 +58,7 @@
                 try {
                     cacerts = KeyStore.getInstance("JKS");
                     try (FileInputStream fis = new FileInputStream(f)) {
-                        cacerts.load(fis, "changeit".toCharArray());
+                        cacerts.load(fis, null);
                         certs = new HashSet<>();
                         Enumeration<String> list = cacerts.aliases();
                         String alias;