The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed. Resolved: Release in which this issue/RFE has been resolved. Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
Following TeliaSonera certificate needs to be added to cacerts.
Owner: CN=TeliaSonera Root CA v1, O=TeliaSonera
Serial number: 95be16a0f72e46f17b398272fa8bcd96
Comments
Replied on linked bug JDK-8333640
07-06-2024
We see for some days errors in the jtreg test security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1 .
stdout says :
=====================================================
CONFIGURATION
=====================================================
http.proxyHost :null
http.proxyPort :null
https.proxyHost :null
https.proxyPort :null
https.socksProxyHost :null
https.socksProxyPort :null
jdk.certpath.disabledAlgorithms :MD2, MD5, SHA1 jdkCA & usage TLSServer, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, SHA1 usage SignedJAR & denyAfter 2019-01-01
com.sun.security.enableCRLDP :false
ocsp.enable :true
=====================================================
===== Validate https://juolukka.cover.sonera.net:10443=====
Finding intermediate certificate issued by CA
Checking: CN=cps.trust.telia.com
Issuer: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
Checking: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
Issuer: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
Checking: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
Found intermediate root CA: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
intermediate CA Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
Verified: Intermediate CA signed by test root CA
======> SUCCESS
===== Validate https://juolukka.cover.sonera.net:10444=====
SSLHandshakeException: (certificate_revoked) PKIX path validation failed: java.security.cert.CertPathValidatorException: Certificate has been revoked, reason: UNSPECIFIED, revocation date: Sat Jun 01 04:22:03 CEST 2024, authority: CN=Telia Domain Validation CA v3 OCSP responder, O=Telia Finland Oyj, C=FI, extension OIDs: []
Certificate is revoked
Finding intermediate certificate issued by CA
Checking: CN=cps.trust.telia.com
Issuer: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
Checking: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
Issuer: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
Does it have to do with the revocation date: Sat Jun 01 04:22:03 CEST 2024, ?
05-06-2024
Fix Request:
Backport to OpenJDK 8 will be resolved with push for JDK-8189131.