RFR: 8198240: Allow cacerts test to pass when GTECyberTrust root expires

Rajan Halade rajan.halade at oracle.com
Fri Apr 13 15:46:16 UTC 2018


Thanks for your comments. Updated webrev is at 
http://cr.openjdk.java.net/~rhalade/8198240/webrev.01/

- Rajan

On 4/13/18 5:59 AM, Sean Mullan wrote:
> 288 System.err.println("WARNING: ");
>
> I don't think you need to print a warning in this case since this 
> expired root is an exception to the policy. Also, once the cert has 
> expired, the subsequent message "will expire" doesn't make sense:
>
>  293                 System.err.println("cert \"" + alias + "\" expiry 
> \""
>  294                         + notAfter.toString() + "\" will expire 
> within 90 days");
>
> since it has already expired. Just print out the message above for the 
> error cases.
>
> Looks good otherwise.
>
> --Sean
>
> On 4/12/18 5:40 PM, Rajan Halade wrote:
>> Please review this test fix to allow exception list to 90 days expiry 
>> policy. Fix also modifies the error reporting to report alias of 
>> certificate being checked.
>>
>> Webrev: http://cr.openjdk.java.net/~rhalade/8198240/webrev.00/
>>
>> Thanks,
>> Rajan



More information about the security-dev mailing list