webrev request: JDK-6996377

Sean Mullan sean.mullan at oracle.com
Thu May 8 14:00:58 UTC 2014


On 05/08/2014 09:55 AM, Jamil Nimeh wrote:
> Ah, didn't know that we were moving away from the scripts.

See https://blogs.oracle.com/jjg/entry/shelling_tests for some more 
rationale.

>  I had
> thought about hard-coding certs, but I liked the on-the-fly generation
> approach because it kept the validity periods always within current
> time.  But it's easy to just make really long lived certs so I'll make
> that change.

You can also work around the expiration issue by setting the validity 
date to a time within the validity period of the certificate. See 
PKIXParameters.setDate(). We do that a lot in other tests.

--Sean



More information about the security-dev mailing list