Name: ooR10001 Date: 05/12/2000
java.security.cert.Certificate spec says that this class implements
java.io.Serializable. However, this class has a writeReplace() method.
Moreover, writeReplace() is used to create an object which is actually
written to the stream and this object is different from
This is a feature of Replaceable interface and in this case the
class must implement Replaceable.
The serialized form doc says:
Class java.security.cert.Certificate implements Serializable
This serialized form structure is not correct because in fact
java.security.cert.Certificate.CertificateRep is written to the
stream due to the writeReplace() method, so it should specify
fields of java.security.cert.Certificate.CertificateRep.
The serialized form doc should also specify the writeReplace()
method for java.security.cert.Certificate.
The serialized form doc needs to be fixed and the java.security.cert.Certificate
should implement Replaceable interface.
- csr for
JDK-8277128 Mark non-serializable fields of java.security.cert.Certificate and CertPath
- relates to
JDK-8263105 security-libs doclint cleanup
JDK-8231641 Suppress warnings on non-serializable non-transient instance fields in JDK libraries (umbrella)