[8u] RFR: [TESTBUG] Some ssl jtreg tests fail due to usage of a secp256k1 ECDSA certificate
David Alvarez
alvdavi at amazon.com
Fri Nov 8 21:24:43 UTC 2019
Hi,
Requesting review for:
JBS: https://bugs.openjdk.java.net/browse/JDK-8233864
Webrev: http://cr.openjdk.java.net/~alvdavi/webrevs/8233864/webrev.8u.00/
After 8u232, certain Tier2 jtreg ssl tests started to fail as they were
relying on a certificate based on curve secp256k1. That curve is no
longer enabled for ssl (disabled by JDK-8228825 [1]).
The specific certificate is located in:
test/sun/security/ssl/etc/keystore
and
test/sun/security/ssl/etc/truststore
This patch fixes those tests by recreating the certificate stores with
new certificates. The generated ECDSA certificate uses secp256r1. These
certificates are v3 instead of v1 as the originals, but we have seen no
failures caused by this.
This change includes binary changes. A patch file with binary changes is
located here:
http://cr.openjdk.java.net/~alvdavi/patches/8233864.8u.00.patch
Thanks,
--
David Alvarez
[1] http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/5456f24496f4#l1.18
More information about the jdk8u-dev
mailing list