[jdk8u-dev] RFR: 8316138: Add GlobalSign 2 TLS root certificates
Andrew John Hughes
andrew at openjdk.org
Tue May 21 03:37:08 UTC 2024
On Mon, 20 May 2024 13:13:37 GMT, Zdenek Zambersky <zzambers at openjdk.org> wrote:
> Backport adds CA certificates. It is not clean, some changes were needed for jdk8u (cacerts file checksum, modified switch cases, in addition to different paths). Also test cases with `-Dcom.sun.security.ocsp.useget=false` parameter were removed in `CAInterop.java`, as property was introduced by [JDK-8328638](https://bugs.openjdk.org/browse/JDK-8328638) and is only JDK17+.
>
> Testing:
> Tests look OK. There are these 3 failures in CAInterop.java:
>
> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#digicerttlseccrootg5
> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#digicerttlsrsarootg5
> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca1g3
>
> these are not caused by this backport, I can see same 3 failures on [master](https://github.com/zzambers/jdk8u-dev/actions/runs/9158176705/job/25176394629) (probably appeared recently).
Change looks good. I agree the failing cases are not related to this backport.
Please flag for approval with `/approval request`.
-------------
Marked as reviewed by andrew (Reviewer).
PR Review: https://git.openjdk.org/jdk8u-dev/pull/502#pullrequestreview-2067429474
More information about the jdk8u-dev
mailing list