HttpsURLConnection uses javax.net.ssl.keyStore and keyStorePassword system properties for access to a user's keystore. Currently these properties are settable as system properties on the Java VM startup command line via -Djavax.net.ssl.keyStore=..., etc. This default keyStore access mechanism should be more securely and privately handled.

Users and ISVs relying upon Java's HttpsURLConnection have expressed security concerns with the VM system property machinery currently used, its visibility on running systems, in scripts, etc., and request a more secure and private keystore access mechanism.