On Thu, 16 Nov 2023 12:06:26 GMT, rebarbora-mckvak <d...@openjdk.org> wrote:
> This fixes the defect described at https://bugs.openjdk.org/browse/JDK-8313367 > > If the process does not have write permissions, the store is opened as > read-only (instead of failing). > > Please note that permissions to use a certificate in a local machine store > must be granted - in a management console, select a certificate, right-click > -> All tasks... -> Manage Private Keys... -> add Full control to user. I have encountered a related problem on my customer's system. Depending on how private keys are imported in the store, either `signCngHash` or `signHash` is used. `signHash` fails to find the key, because it does not look at local machine's store. I will commit a fix for that soon in this PR. ------------- PR Comment: https://git.openjdk.org/jdk/pull/16687#issuecomment-1981903052
