RFR: 8202651: Test ActalisCA.java and ComodoCA fails
Sean Mullan
sean.mullan at oracle.com
Wed May 22 15:39:54 UTC 2019
On 5/21/19 5:31 PM, Rajan Halade wrote:
> Please review this fix to update test certificates used in Actalis and
> Comodo CA interop tests. The bug also mentioned QuoVadisCA test but I am
> not able to reproduce the failure. For Actalis CA, I couldn't get
> revoked test certificate but the test is updated for valid certificate
> and will pass now by skipping expired revoked chain.
It looks like the test is still expecting a revoked status - is that
still working because the IntCA is revoked?:
232 // Validate Revoked
233 pathValidator.validate(new String[]{REVOKED, INT_REVOKED},
234 ValidatePathWithParams.Status.REVOKED,
235 "Fri Jan 29 01:06:42 PST 2016", System.out);
236
It should be ok if the revoked certificate is expired though as you can
set the validation date to the past (within the interval where the
certificate is still valid).
Or is it because the Actalis OCSP responder is no longer reporting that
the certificate is revoked?
--Sean
>
> Webrev: http://cr.openjdk.java.net/~rhalade/8202651/webrev.00/
> Bug: https://bugs.openjdk.java.net/browse/JDK-8202651
>
> Thanks,
> Rajan
More information about the security-dev
mailing list