Integrated: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
Mark Powers
mpowers at openjdk.org
Tue Sep 3 19:58:29 UTC 2024
On Tue, 27 Aug 2024 17:18:29 GMT, Mark Powers <mpowers at openjdk.org> wrote:
> Please review this change to distrust TLS server certificates issued after October 31, 2024 and anchored by Entrust Root CAs. This change is in line with similar plans recently announced by Google and Mozilla. TLS server certificates issued before this date will continue to be valid until they expire. This restriction should have minimal compatibility impact since Entrust has announced they will be using a partner (SSL.com) for all TLS server certificates issued after Oct 31, 2024.
>
> See the CSR for more details: https://bugs.openjdk.org/browse/JDK-8339194
This pull request has now been integrated.
Changeset: bbb51616
Author: Mark Powers <mpowers at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/bbb516163d400a9c7e923e423fe2a60091b59322
Stats: 1103 lines in 13 files changed: 1101 ins; 0 del; 2 mod
8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
Reviewed-by: mullan, rhalade
-------------
PR: https://git.openjdk.org/jdk/pull/20731
More information about the security-dev
mailing list