RFR: 8337951: Test sun/security/validator/samedn.sh CertificateNotYetValidException: NotBefore validation
Fernando Guallini
fguallini at openjdk.org
Wed Aug 28 08:30:47 UTC 2024
The test sun/security/validator/samedn.sh failed once due to the following reason:
`Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Tue Aug 06 14:41:13 GMT 2024`
This test generates several certificates using the keytool as a precondition, and then validates their certificate paths.
This failure is very rare and could not be reproduced. However, based on the failure logs, the test finished at **14:41:12**, while the test certificate's NotBefore time was set to **14:41:13**. It is possible that when the certificate was created, keytool **rounded up** the NotBefore time to the nearest second. As a result, the test may have validated the certificate just before it became valid.
The proposed fix is to set the NotBefore time to one minute in the past, ensuring the certificate will be valid when running the test.
-------------
Commit messages:
- cert startdate 1 minute ago
Changes: https://git.openjdk.org/jdk/pull/20728/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=20728&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8337951
Stats: 5 lines in 1 file changed: 1 ins; 0 del; 4 mod
Patch: https://git.openjdk.org/jdk/pull/20728.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/20728/head:pull/20728
PR: https://git.openjdk.org/jdk/pull/20728
More information about the security-dev
mailing list