RFR: 8198240: Allow cacerts test to pass when GTECyberTrust root expires

Sean Mullan sean.mullan at oracle.com
Fri Apr 13 12:59:31 UTC 2018


288                     System.err.println("WARNING: ");

I don't think you need to print a warning in this case since this 
expired root is an exception to the policy. Also, once the cert has 
expired, the subsequent message "will expire" doesn't make sense:

  293                 System.err.println("cert \"" + alias + "\" expiry \""
  294                         + notAfter.toString() + "\" will expire 
within 90 days");

since it has already expired. Just print out the message above for the 
error cases.

Looks good otherwise.

--Sean

On 4/12/18 5:40 PM, Rajan Halade wrote:
> Please review this test fix to allow exception list to 90 days expiry 
> policy. Fix also modifies the error reporting to report alias of 
> certificate being checked.
> 
> Webrev: http://cr.openjdk.java.net/~rhalade/8198240/webrev.00/
> 
> Thanks,
> Rajan


More information about the security-dev mailing list