[jdk8u] RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs [v2]
Francisco Ferrari Bihurriet
fferrari at openjdk.org
Thu Sep 19 11:07:48 UTC 2024
On Wed, 18 Sep 2024 17:29:07 GMT, Andrew John Hughes <andrew at openjdk.org> wrote:
> I see differences with `entrustrootcag4-chain.pem` but this seems to be because 11u's version has CRLF line endings for some reason. The 8u one is actually correct in using the usual line endings.
I hadn't noticed this, the [original version](https://github.com/openjdk/jdk/blob/bbb516163d400a9c7e923e423fe2a60091b59322/test/jdk/sun/security/ssl/X509TrustManagerImpl/Entrust/entrustrootcag4-chain.pem) has mixed CR and CRLF, and it got fixed when adjusting and applying the patch. If you prefer it to be a verbatim copy I can easily modify it to match the original.
> I'm aware of the fix from 21u. Backport looks good so feel free to apply for approval so we can get this in the October release.
Thanks, here is the approval [request](https://bugs.openjdk.org/browse/JDK-8337664?focusedId=14704789&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14704789).
-------------
PR Comment: https://git.openjdk.org/jdk8u/pull/61#issuecomment-2360681917
More information about the jdk8u-dev
mailing list