On Wed, 3 Apr 2024 21:54:02 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> When UAC is enabled and there is no privilege, I can see that some private > key entries (Ex: the one for iis) become trusted certificate entries, which > means their private key is not observable. Have you noticed something > similar? Are you OK with them shown as trusted certificate entries? @wangweij , to clarify: 1. Does the IIS example happen to be a self-signed TLS certificate like an [IIS Express Certificate](https://blogs.iis.net/robert_mcmurray/how-to-trust-the-iis-express-self-signed-certificate)? 2. By "trusted certificate", are you referring to a certificate that has been added to a Windows "Trusted Root Certification Authorities / Certificates" keystore location? If both answers are "yes", then that is normally an acceptable practice for a dev/build/test (DBT) environment. Adding a self-signed certificate to that keystore makes it verifiable at runtime. If that step is not taken, a security policy violation message could halt your tests, or you could encounter message dialogs that interrupt the flow of your tests. A self-signed code signing certificate can also become trusted using this technique in a DBT environment. Code signing tools do not always require, or even utilize, an ability to perform a runtime verification. But it is certainly useful for testing. For example, if an application requests elevation, a verification check is performed by the UAC. On success, the dialog message is green, and on failure it is yellow. ------------- PR Comment: https://git.openjdk.org/jdk/pull/16687#issuecomment-2043689563
