RFR: 8198240: Allow cacerts test to pass when GTECyberTrust root expires
Rajan Halade
rajan.halade at oracle.com
Fri Apr 13 15:46:16 UTC 2018
Thanks for your comments. Updated webrev is at
http://cr.openjdk.java.net/~rhalade/8198240/webrev.01/
- Rajan
On 4/13/18 5:59 AM, Sean Mullan wrote:
> 288 System.err.println("WARNING: ");
>
> I don't think you need to print a warning in this case since this
> expired root is an exception to the policy. Also, once the cert has
> expired, the subsequent message "will expire" doesn't make sense:
>
> 293 System.err.println("cert \"" + alias + "\" expiry
> \""
> 294 + notAfter.toString() + "\" will expire
> within 90 days");
>
> since it has already expired. Just print out the message above for the
> error cases.
>
> Looks good otherwise.
>
> --Sean
>
> On 4/12/18 5:40 PM, Rajan Halade wrote:
>> Please review this test fix to allow exception list to 90 days expiry
>> policy. Fix also modifies the error reporting to report alias of
>> certificate being checked.
>>
>> Webrev: http://cr.openjdk.java.net/~rhalade/8198240/webrev.00/
>>
>> Thanks,
>> Rajan
More information about the security-dev
mailing list