JDK-8243321 : Add Entrust root CA - G4 to Oracle Root CA program
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-04-21
  • Updated: 2022-06-27
  • Resolved: 2020-07-29
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 13 JDK 15 JDK 16 JDK 7 JDK 8 Other
11.0.10-oracleFixed 13.0.7Fixed 15.0.1Fixed 16 b09Fixed 7u281Fixed 8u271Fixed openjdk8u272Fixed
Sub Tasks
JDK-8250756 :  
Include Entrust's 4096-bit RSA to the Root program

CN = Entrust Root Certification Authority - G4
OU = (c) 2015 Entrust, Inc. - for authorized use only
OU = See www.entrust.net/legal-terms
O = Entrust, Inc.
C = US
Fix request (13u): The fix makes 13u closer to LTS releases and 15u, cacerts-wide. Applies clean. Tests run OK.

Fix Request (8u) Same reason as for 15u and 11u backports. Patch applies with usual reshuffling. VerifyCACerts test passes with the patch, and fails if certificate is yanked.

Fix Request (11u) This improves CA list and keeps codebases in sync (I see 11.0.10-oracle). Patch applies cleanly to 11u, new tests cases pass, tier{1,2} pass.

Fix Request (15u) Requesting to backport (15.0.1) this fix to add new Entrust root CA certificate to cacerts store. The patch applies cleanly and tests pass.

URL: https://hg.openjdk.java.net/jdk/jdk/rev/ac7e21a0fb7f User: rhalade Date: 2020-07-29 16:32:05 +0000