JDK-7038175 : Expired PKITS certificates causing CertPathBuilder and CertPathValidator regression test failures
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 5.0,6,7,8
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic,solaris_10
  • CPU: generic,x86
  • Submitted: 2011-04-20
  • Updated: 2013-09-12
  • Resolved: 2011-06-22
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other JDK 6 JDK 7 JDK 8
5.0u33Fixed 6u30Fixed 7 b142Fixed 8Resolved
Related Reports
Duplicate :  
JDK-7039611 - Expired certificates causing CertPathBuilder and CertPathValidator regression test failures
Description
Several JDK regression tests have started to fail because the certificates used in the tests have expired on Tue Apr 19 10:57:20 EDT 2011.

These tests all use test certificates from the PKITS test suite.
Comments
SUGGESTED FIX http://hg.openjdk.java.net/jdk7/tl/jdk/rev/2c46bf0a462c
22-04-2011
EVALUATION See suggested fix. I also had to modify the DistributionPointFetcher to set the validity date when building the CRL issuer's certification path. *** (#1 of 1): [ UNSAVED ] ###@###.###
21-04-2011
SUGGESTED FIX Modify the tests to set the validity date (using PKIXParameters.setValidity) to a time in the past, within the validity period of the certificate.
20-04-2011