[jdk8u-dev] RFR: 8316138: Add GlobalSign 2 TLS root certificates
Zdenek Zambersky
zzambers at openjdk.org
Wed May 22 16:03:09 UTC 2024
On Tue, 21 May 2024 03:34:35 GMT, Andrew John Hughes <andrew at openjdk.org> wrote:
>> Backport adds CA certificates. It is not clean, some changes were needed for jdk8u (cacerts file checksum, modified switch cases, in addition to different paths). Also test cases with `-Dcom.sun.security.ocsp.useget=false` parameter were removed in `CAInterop.java`, as property was introduced by [JDK-8328638](https://bugs.openjdk.org/browse/JDK-8328638) and is only JDK17+.
>>
>> Testing:
>> Tests look OK. There are these 3 failures in CAInterop.java:
>>
>> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#digicerttlseccrootg5
>> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#digicerttlsrsarootg5
>> security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca1g3
>>
>> these are not caused by this backport, I can see same 3 failures on [master](https://github.com/zzambers/jdk8u-dev/actions/runs/9158176705/job/25176394629) (probably appeared recently).
>
> Change looks good. I agree the failing cases are not related to this backport.
> Please flag for approval with `/approval request`.
@gnu-andrew thanks
-------------
PR Comment: https://git.openjdk.org/jdk8u-dev/pull/502#issuecomment-2125151996
More information about the jdk8u-dev
mailing list