RFR: 8325766: Review seclibs tests for cert expiry [v5]
Artur Barashev
abarashev at openjdk.org
Tue Jun 24 16:44:36 UTC 2025
On Tue, 3 Jun 2025 13:11:31 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:
>> This PR updates the CertificateBuilder with a new method that creates a new instance with common fields (subject name, public key, serial number, validity, and key uses) filled-in. One test, IPIdentities.java, is updated to show how the method can be used to create various certificates. I attached screenshots that compare the old hard-coded certificates (left) with the new generated certificates.
>>
>> 
>> 
>> 
>
> Matthew Donovan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 12 commits:
>
> - fixed redundant setNotAfter() calls. One of them should have been setNotBefore
> - Merge branch 'master' into certbuilder
> - expanded wildcard imports
> - Merge branch 'master' into certbuilder
> - Merge branch 'master' into certbuilder
> - reversed order of DN strings when making certificates.
> - Merge branch 'master' into certbuilder
> - Merge branch 'master' into certbuilder
> - Merge branch 'master' into certbuilder
> - Merge branch 'master' into certbuilder
> - ... and 2 more: https://git.openjdk.org/jdk/compare/e490b4f0...2b5533aa
test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java line 247:
> 245: private static void setupCertificates() throws Exception {
> 246: KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
> 247: kpg.initialize(1024);
This line can be removed so implementation uses a default value.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23700#discussion_r2164469651
More information about the net-dev
mailing list