8331391: Enhance the keytool code by invoking the buildTrustedCerts method for essential options

Prasadrao Koppula · coffeys · commit 9ed9510da7de · 2024-10-18T10:35:30.000Z
Backport-of: c9bee17
diff --git a/src/java.base/share/classes/sun/security/tools/keytool/Main.java b/src/java.base/share/classes/sun/security/tools/keytool/Main.java
@@ -1132,7 +1132,6 @@ && isKeyStoreRelated(command)
             }
         }
 
-        KeyStore cakstore = buildTrustedCerts();
         // -trustcacerts can be specified on -importcert, -printcert or -printcrl.
         // Reset it so that warnings on CA cert will remain for other command.
         if (command != IMPORTCERT && command != PRINTCERT
@@ -1141,6 +1140,7 @@ && isKeyStoreRelated(command)
         }
 
         if (trustcacerts) {
+            KeyStore cakstore = buildTrustedCerts();
             if (cakstore != null) {
                 caks = cakstore;
             } else {

Original file line number	Diff line number	Diff line change
`@@ -1132,7 +1132,6 @@ && isKeyStoreRelated(command)`
`1132`	`1132`	`}`
`1133`	`1133`	`}`
`1134`	`1134`
`1135`		`- KeyStore cakstore = buildTrustedCerts();`
`1136`	`1135`	`// -trustcacerts can be specified on -importcert, -printcert or -printcrl.`
`1137`	`1136`	`// Reset it so that warnings on CA cert will remain for other command.`
`1138`	`1137`	`if (command != IMPORTCERT && command != PRINTCERT`
`@@ -1141,6 +1140,7 @@ && isKeyStoreRelated(command)`
`1141`	`1140`	`}`
`1142`	`1141`
`1143`	`1142`	`if (trustcacerts) {`
	`1143`	`+ KeyStore cakstore = buildTrustedCerts();`
`1144`	`1144`	`if (cakstore != null) {`
`1145`	`1145`	`caks = cakstore;`
`1146`	`1146`	`} else {`