Summary
-------

The non-serializable fields of `java.security.cert.Certificate` and `java.security.cert.CertPath` should be marked `transient`.

Problem
-------

The `Certificate` and `CertPath` classes use an alternate form of serialization by overriding the `writeReplace` method. However, the non-serializable fields of these classes were never marked `transient`, and are incorrectly documented in the Serialized Form section of the javadocs.
  
Solution
--------

Mark the applicable fields with the `transient` modifier.

Specification
-------------

```
diff --git a/src/java.base/share/classes/java/security/cert/CertPath.java b/src/java.base/share/classes/java/security/cert/CertPath.java
index 28000591c00..69f681b9d7c 100644
--- a/src/java.base/share/classes/java/security/cert/CertPath.java
+++ b/src/java.base/share/classes/java/security/cert/CertPath.java
@@ -123,7 +123,7 @@ public abstract class CertPath implements Serializable {
     private static final long serialVersionUID = 6068470306649138683L;
 
     /** The type of certificates in this chain. */
-    private String type;
+    private final transient String type;
 
     /**
      * Creates a {@code CertPath} of the specified type.
diff --git a/src/java.base/share/classes/java/security/cert/Certificate.java b/src/java.base/share/classes/java/security/cert/Certificate.java
index a34f0316a8c..cbb0cc78dd4 100644
--- a/src/java.base/share/classes/java/security/cert/Certificate.java
+++ b/src/java.base/share/classes/java/security/cert/Certificate.java
@@ -66,10 +66,10 @@ public abstract class Certificate implements java.io.Serializable {
     private static final long serialVersionUID = -3585440601605666277L;
 
     /** The certificate type. */
-    private final String type;
+    private final transient String type;
 
     /** The hash code for the certificate. */
-    private int hash = -1; // Default to -1
+    private transient int hash = -1; // Default to -1
 
     /**
      * Creates a certificate of the specified type.
```