8238157: security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java tests failures because of revocation date

Baesken, Matthias matthias.baesken at sap.com
Wed Jan 29 12:18:38 UTC 2020 

Hello, recently we see (cross platform)  sometimes failures in the jtreg test  security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java .

The  failures look like this :

java.lang.RuntimeException: TEST FAILED: unexpected revocation date
                at ValidatePathWithParams.validate(ValidatePathWithParams.java:206)
                at AmazonCA_3.runTest(AmazonCA.java:444)
                at AmazonCA.main(AmazonCA.java:66)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.base/java.lang.reflect.Method.invoke(Method.java:566)
                at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
                at java.base/java.lang.Thread.run(Thread.java:834)

  or

java.lang.RuntimeException: TEST FAILED: unexpected revocation date
                at ValidatePathWithParams.validate(ValidatePathWithParams.java:209)
                at AmazonCA_1.runTest(AmazonCA.java:189)
                at AmazonCA.main(AmazonCA.java:64)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.base/java.lang.reflect.Method.invoke(Method.java:564)
                at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
                at java.base/java.lang.Thread.run(Thread.java:832)

looking at the logfiles we see small differences between expected and currently found revocation date :

Certificate revocation date:Tue Jan 29 00:35:55 CET 2019
Expected revocation date:Tue Jan 29 00:35:56 CET 2019

This seems to  cause the trouble .

I opened

https://bugs.openjdk.java.net/browse/JDK-8238157

for this - do you think it is an issue on Amazon side ?

Best regards, Matthias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200129/eba05aa8/attachment.htm>

More information about the security-dev mailing list