a CA may issue a certificate to itself to support key rollover or changes in certificate policies. The SunJSSE validation looks for a self-signed cert with issuer.equals(subject), this is incorrect for self-issued certificate. Need evaluation to support certificate chain that includes self-issued certificates.
|