<!DOCTYPE html><html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<p>bcc-ing jdk-dev. Please followup on security-dev (copied) if you
have further replies.<br>
<br>
Thanks for your post.</p>
<p>New root CA requests must be initiated by the CA using the
process at [1].<br>
<br>
That said, Harica has already applied for adding their 2021 roots
and their application is being processed.<br>
<br>
--Sean<br>
<br>
[1]:
<a class="moz-txt-link-freetext" href="https://www.oracle.com/java/technologies/javase/carootcertsprogram.html">https://www.oracle.com/java/technologies/javase/carootcertsprogram.html</a></p>
<div class="moz-cite-prefix">On 2/12/26 3:32 AM, Jean-René Rouet
wrote:<br>
</div>
<blockquote type="cite" cite="mid:7B8566DD-3B1E-4F79-815D-B21FF344F733@in2p3.fr">
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">Hi everyone,<br>
<br>
In the European public research community, we rely on the
Harica.gr certificate authority to manage our server X.509
certificates.<br>
I recently discovered that the Harica.gr root certificate
has not been included in OpenJDK since February 2021
(across all recent versions),<br>
even though it remains present in commonly used operating
systems and browsers.<br>
<br>
Given our requirements, we specifically need support for
the 2021 certificate versions.<br>
<br>
While manually adding the certificate via the keytool
command is possible, would it be feasible to integrate it
directly into OpenJDK?<br>
<br>
Thank you for your attention to this matter.<br>
<br>
Best regards,<br>
<br>
Jean-René ROUET<br>
CNRS<br>
</div>
</span></font></div>
<div><img src="cid:part1.u77ZOcH6.Q09MpbN6@oracle.com" class="">
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText"><br>
<br>
</div>
</span></font></div>
</blockquote>
</body>
</html>