JDK-8172529 : Use PKIXValidator in jarsigner
- Type: Bug
- Component: security-libs
- Sub-Component: jdk.security
- Priority: P3
- Status: Closed
- Resolution: Fixed
- Submitted: 2017-01-11
- Updated: 2018-11-14
- Resolved: 2017-01-18
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 10 | JDK 7 | JDK 8 | JDK 9 | Other |
|---|---|---|---|---|
10Fixed  |
7u211Fixed | 8u191Fixed |
9 b154Fixed |
openjdk7uFixed |
Related Reports
|
Relates :
|
Description
PKIXValidator is able to detect cross-signed certificates inside a cert chain so that the shortest path is used in validation. It is also used by Java Plug-in to determine if a signed jar can be trusted. Jarsigner should also use the same method is that the output is consistent.
Comments
|