From 60875a48219706924a0852e2c771de1cca075c77 Mon Sep 17 00:00:00 2001
From: Rujun Chen <rujche@microsoft.com>
Date: Fri, 25 Jun 2021 07:34:27 +0800
Subject: [PATCH 1/2] Fix concurrent problem in KeyVaultCertificates.

---
 .../azure/security/keyvault/jca/KeyVaultCertificates.java | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
index 2b2810502b3a8..4b1cbd0a778e4 100644
--- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
+++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
@@ -131,12 +131,16 @@ public Map<String, Key> getCertificateKeys() {
     }
 
     private void refreshCertificatesIfNeeded() {
-        if (certificatesNeedRefresh()) {
+        if (certificatesNeedRefresh()) { // Avoid acquiring the lock as much as possible.
             refreshCertificates();
         }
     }
 
-    private void refreshCertificates() {
+    private synchronized void refreshCertificates() {
+        if (!certificatesNeedRefresh()) {
+            return; // After obtaining the lock, avoid to do much operation as much as we can.
+        }
+        // When refreshing certificates, the update of the 3 variables should be an atomic operation.
         aliases = keyVaultClient.getAliases();
         certificateKeys.clear();
         certificates.clear();

From 5b59085f0aafb9a944e9f20c66216f0fe5d10f79 Mon Sep 17 00:00:00 2001
From: Rujun Chen <rujche@microsoft.com>
Date: Fri, 25 Jun 2021 07:39:59 +0800
Subject: [PATCH 2/2] Fix concurrent problem in KeyVaultCertificates.

---
 .../com/azure/security/keyvault/jca/KeyVaultCertificates.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
index 4b1cbd0a778e4..e902a8c20d567 100644
--- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
+++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultCertificates.java
@@ -138,7 +138,7 @@ private void refreshCertificatesIfNeeded() {
 
     private synchronized void refreshCertificates() {
         if (!certificatesNeedRefresh()) {
-            return; // After obtaining the lock, avoid to do much operation as much as we can.
+            return; // After obtaining the lock, avoid doing too many operations.
         }
         // When refreshing certificates, the update of the 3 variables should be an atomic operation.
         aliases = keyVaultClient.getAliases();