Two DocuSign root CA certificates will expire in 90 days. This is
causing failures in mach5 tier 2 and tier 4.
For now, I have modified the test to exclude these certificates until we
can contact the CA vendor to determine if we should remove or replace
them, and filed a follow-on issue to track that:
https://bugs.openjdk.java.net/browse/JDK-8222121
bug: https://bugs.openjdk.java.net/browse/JDK-8222089
diffs:
diff -r 7b5e2bc79e68 test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
--- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Mon Apr
08 15:54:47 2019 +0300
+++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Mon Apr
08 10:15:29 2019 -0400
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights
reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights
reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,7 @@
/**
* @test
* @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923
8195774 8199779
- * 8209452 8209506 8210432 8195793
+ * 8209452 8209506 8210432 8195793 8222089
* @summary Check root CA entries in cacerts file
*/
import java.io.File;
@@ -237,7 +237,12 @@
// Exception list to 90 days expiry policy
// No error will be reported if certificate in this list expires
- private static final HashSet<String> EXPIRY_EXC_ENTRIES = new
HashSet<>();
+ private static final HashSet<String> EXPIRY_EXC_ENTRIES = new
HashSet<>() {
+ {
+ add("certplusclass2primaryca [jdk]");
+ add("certplusclass3pprimaryca [jdk]");
+ }
+ };
// Ninety days in milliseconds
private static final long NINETY_DAYS = 7776000000L;
Thanks,
Sean
