RFR 8189131: Open-source the Oracle JDK Root Certificates

Rajan Halade rajan.halade at oracle.com
Fri Dec 1 19:25:49 UTC 2017


On 12/1/17 10:09 AM, Sean Mullan wrote:
> So only the VerifyCACerts test would potentially fail by default (it 
> is part of tier2). If this becomes a big issue, we can follow-up later 
> and investigate more with some sort of fix, but I don't think this 
> should hold up the current fix. 
Would it be acceptable if I change blocks at line 227-231 and 234-239 to 
soft-failures? Essentially then this test will only validate a cert if 
it is present in keystore. This test is designed to check integrity of 
cacerts keystore but if we are to allow test to pass with different 
cacerts specified using --with-cacerts-file then it may be acceptable.

Thanks,
Rajan



More information about the security-dev mailing list