[8] 7174966: With OCSP enabled on Java 7 get error 'Wrong key usage' with Comodo certificate
Vincent Ryan
vincent.x.ryan at oracle.com
Tue May 28 11:30:13 UTC 2013
Please review the fix for: http://bugs.sun.com/view_bug.do?bug_id=7174966
The problem occurs when validating the signature of an OCSP response from the Comodo CA.
The Signature class tests for the presence of the digitalSignature keyUsage setting when examining
a signer's certificate. One solution is for the sun.security.provider.certpath.OCSPResponse class to
pass the signer's public key rather than the signer's certificate.
Webrev: http://cr.openjdk.java.net/~vinnie/7174966/webrev.00/
Thanks.
More information about the security-dev
mailing list