On 05/08/2014 09:55 AM, Jamil Nimeh wrote:
Ah, didn't know that we were moving away from the scripts.
See https://blogs.oracle.com/jjg/entry/shelling_tests for some more rationale.
I had thought about hard-coding certs, but I liked the on-the-fly generation approach because it kept the validity periods always within current time. But it's easy to just make really long lived certs so I'll make that change.
You can also work around the expiration issue by setting the validity date to a time within the validity period of the certificate. See PKIXParameters.setDate(). We do that a lot in other tests.
--Sean
