A DESCRIPTION OF THE PROBLEM : JDK-8149722 : JSSE TrustManagerFactory ignores deployment.system.security.cacerts I have the same expectation that if an administrator defines security settings the should be honoured. Otherwise the documentation for the deployment.properties should clearly explain that the settings are just for Web Start security. The tools like java control panel respect these settings and display the defined keystores but the runtime use hard coded paths or a insecure system property and ignore these settings. REGRESSION : Last worked in version 8u172 FREQUENCY : always
|