RFR: 8308592: Framework for CA interoperability testing [v3]
Rajan Halade
rhalade at openjdk.org
Thu Jun 1 21:01:01 UTC 2023
On Thu, 1 Jun 2023 20:15:10 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Rajan Halade has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8308592: remove unused imports
>
> test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithURL.java line 99:
>
>> 97: // certain that test certificate anchors to trusted CA for VALID certificate
>> 98: // if the connection is successful
>> 99: Certificate[] chain = httpsURLConnection.getServerCertificates();
>
> Mostly FYI - but another way to get the chain is to call the `getCertPath()` method of the thrown `CertPathValidatorException`. This doesn't include the root though.
Thanks! This will allow me to validate anchor on revoked/expired certificate as well.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213667728
More information about the security-dev
mailing list