[jdk11u-dev] RFR: 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs [v2]
Severin Gehwolf
sgehwolf at openjdk.org
Fri Feb 14 14:00:43 UTC 2025
On Thu, 13 Feb 2025 18:54:32 GMT, Antonio Vieiro <duke at openjdk.org> wrote:
>> Antonio Vieiro has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase.
>
> src/java.base/share/classes/sun/security/validator/CamerfirmaTLSPolicy.java line 98:
>
>> 96:
>> 97: private static String fingerprint(X509Certificate cert) {
>> 98: return X509CertImpl.getFingerprint("SHA-256", cert);
>
> This reads
>
> return X509CertImpl.getFingerprint("SHA-256", cert, debug);
>
> in JDK-17 and above.
Right. Confirmed.
-------------
PR Review Comment: https://git.openjdk.org/jdk11u-dev/pull/2994#discussion_r1956190397
More information about the jdk-updates-dev
mailing list