[jdk8u] RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs [v2]
Andrew John Hughes
andrew at openjdk.org
Thu Sep 19 21:52:46 UTC 2024
On Thu, 19 Sep 2024 11:04:38 GMT, Francisco Ferrari Bihurriet <fferrari at openjdk.org> wrote:
> > I see differences with `entrustrootcag4-chain.pem` but this seems to be because 11u's version has CRLF line endings for some reason. The 8u one is actually correct in using the usual line endings.
>
> I hadn't noticed this, the [original version](https://github.com/openjdk/jdk/blob/bbb516163d400a9c7e923e423fe2a60091b59322/test/jdk/sun/security/ssl/X509TrustManagerImpl/Entrust/entrustrootcag4-chain.pem) has mixed CR and CRLF, and it got fixed when adjusting and applying the patch. If you prefer it to be a verbatim copy I can easily modify it to match the original.
No need to change it. If anything, 11u should be fixed.
>
> > I'm aware of the fix from 21u. Backport looks good so feel free to apply for approval so we can get this in the October release.
>
> Thanks, here is the approval [request](https://bugs.openjdk.org/browse/JDK-8337664?focusedId=14704789&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14704789).
Thanks, I didn't see the `/approval` command for it on this PR.
-------------
PR Comment: https://git.openjdk.org/jdk8u/pull/61#issuecomment-2362263863
More information about the jdk8u-dev
mailing list