RFR: 8325766: Review seclibs tests for cert expiry [v2]

Weijun Wang weijun at openjdk.org
Thu Feb 20 20:29:52 UTC 2025 

On Thu, 20 Feb 2025 12:31:37 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:

>> This PR updates the CertificateBuilder with a new method that creates a new instance with common fields (subject name, public key, serial number, validity, and key uses) filled-in. One test, IPIdentities.java, is updated to show how the method can be used to create various certificates. I attached screenshots that compare the old hard-coded certificates (left) with the new generated certificates.
>> 
>> ![trusted-cert](https://github.com/user-attachments/assets/4bfaca10-74f3-4d24-9796-288358ae00e1)
>> ![server-cert](https://github.com/user-attachments/assets/51ce8ed2-0784-44ab-96a1-9d0a2ea66aaa)
>> ![client-cert](https://github.com/user-attachments/assets/5090a71e-ef7a-4303-ae1a-78f89878d1c0)
>
> Matthew Donovan has updated the pull request incrementally with one additional commit since the last revision:
> 
>   changed boolean array initialization

The similarity between the certificate pairs is impressive! Just curious - why the change in issuer and owner names?

-------------

PR Comment: https://git.openjdk.org/jdk/pull/23700#issuecomment-2672607370

More information about the net-dev mailing list