RFR: 8353738: Update TLS unit tests to not use certificates with MD5 signatures [v5]

[Matthew Donovan]

On Thu, 13 Nov 2025 13:49:55 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

>> Matthew Donovan has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   changed line wrapping
>
> test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java line 36:
> 
>> 34:  * @library /test/lib
>> 35:  * @modules java.base/sun.security.x509 java.base/sun.security.util
>> 36:  * @run main/othervm CriticalSubjectAltName TLSv1.2 MD5withRSA
> 
> as far as I could tell, this test doesn't verify any functionality that would require a specific key type, it's simply using MD5 because that was the popular choice in 2008. Do we need to keep using MD5, or can we make it use whatever key type is the default?

It was suggested to keep test cases for TLS 1.2/MD5 as well as updating for TLS 1.3. If the TLS 1.2/MD5 isn't adding anything here I can remove it.

> test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java line 1:
> 
>> 1: /*
> 
> This might be preexisting, but this file is identical to `test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java` now. Can we remove one?

I compared the two files from before I updated IPIdentities and they are identical. I removed IPIdentities.java

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27342#discussion_r2550794961
PR Review Comment: https://git.openjdk.org/jdk/pull/27342#discussion_r2550797069