Please review this simple fix to treat OCSP Unauthorized responses as an error when checking revocation status, even when the SOFT_FAIL option is set. webrev: http://cr.openjdk.java.net/~mullan/webrevs/8023362/webrev.00/ Thanks, Sean