On Tue, 23 May 2023 06:52:01 GMT, Christoph Langer <clan...@openjdk.org> wrote:
>> How do you know "the existing entry must have the same properties and trust >> settings"? > > Trust settings are stored per certificate. That is, when you do `security > add-trusted-cert`, you have to pass a certificate that the entry is created > for. It does not matter then, if the certificate is actually present/loaded > into any keychain. If the certificate is not in the keychain, a `security > dump-trust-settings` will not show the trust entry then but after you add it, > it gets visible. > > So, that means, if two certificates are the same, no matter if they were > loaded from different keychains or under different aliases (don't know > whether the latter is possible though), they will share the same trust > records. I see. Thanks. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/13945#discussion_r1202347175
