Integrated: 8312383: Log X509ExtendedKeyManager implementation class name in TLS/SSL connection
Prajwal Kumaraswamy
pkumaraswamy at openjdk.org
Fri Mar 8 09:07:02 UTC 2024
On Wed, 7 Feb 2024 06:36:10 GMT, Prajwal Kumaraswamy <pkumaraswamy at openjdk.org> wrote:
> During the time of server certificate validation, users have the flexibility to use a custom X509 Key Manager implementation by extending "X509ExtendedKeyManager.".
> In such cases, printing the class name in X509Authentication.java will be helpful to trace any failure of the SSL connection due to a certificate issue.
>
> I've tested the code by running the custom X509 manager, the default X509 manager, and passing the null key manager.
> The screen shots are attached here.
> [x509_log_testing.zip](https://github.com/openjdk/jdk/files/14206695/x509_log_testing.zip)
>
> Also, the internal test runs against this fix are green
This pull request has now been integrated.
Changeset: bdd1aebe
Author: Prajwal Kumaraswamy <pkumaraswamy at openjdk.org>
Committer: Sean Coffey <coffeys at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/bdd1aebea379b63ae405827074530ef8e8a7c239
Stats: 9 lines in 1 file changed: 8 ins; 0 del; 1 mod
8312383: Log X509ExtendedKeyManager implementation class name in TLS/SSL connection
Reviewed-by: coffeys
-------------
PR: https://git.openjdk.org/jdk/pull/17742
More information about the security-dev
mailing list