RFR: 8325766: Review seclibs tests for cert expiry [v4]
Sean Mullan
mullan at openjdk.org
Tue Jun 3 17:37:07 UTC 2025
On Tue, 3 Jun 2025 16:03:09 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:
> As a constructor, the code would look like this
<snip>
Ah, I see. Well technically you could call the set methods from the ctor but you would get `this-escape` compiler warnings, which you probably want to avoid.
> > it also means I can't use this method to to create a certificate with a longer, or shorter validity period
>
> There are methods to set the not-before and not-after fields. Any field set in this static method can be changed:
>
> `newCertificateBuilder(...).notAfter(Date.from(Instant.now().plus(10, TimeUnit.YEARS)));`
>
> I don't like using `Date` here and would be happy to overload it to take `Instant` as well.
Yes, but I don't think the static method which is generically named `newCertificateBuilder` should be hard-coding a one hour validity period, that detail should be either in a different method (my preference) or this method should be named more clearly like `oneHourCertificateBuilder`. I realize this is just a test method, but this is a nicely designed API that has been very useful so I would prefer if we keep the flexibility.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23700#discussion_r2124489674
More information about the net-dev
mailing list