Bug ID: JDK-8325766 Review seclibs tests for cert expiry

JDK-8325766 : Review seclibs tests for cert expiry

Type: Bug
Component: security-libs
Sub-Component: java.security
Affected Version: 23

Priority: P4
Status: In Progress
Resolution: Unresolved

Submitted: 2024-02-13
Updated: 2025-04-08

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 25
25Unresolved

Related Reports

Relates :	JDK-8325096 - Test java/security/cert/CertPathBuilder/akiExt/AKISerialNumber.java is failing
Relates :	JDK-8031674 - Update MD5 signed certificate to SHA-2 algorithm

Description

Few tests use hardcoded certificates. When these certificates expire, test fails. This bug is filed to update these test certificates to either be generated at run time or updated to have extended expiry date.

Two ways this can be achieved:

- Set system clock to future date and run tests as suggested by Sean C. This would cause krb tests to fail with clock skew error so those should be ignored.
- Other option would be to look for certificates in the test with grep (BEGIN etc.)

Comments

A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/23700 Date: 2025-02-19 15:48:10 +0000

19-02-2025

A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/18958 Date: 2024-04-25 17:20:11 +0000

09-07-2024