On Wed, 15 Apr 2026 11:22:27 GMT, SendaoYan <[email protected]> wrote:
>> Hi all, >> >> Test >> security/infra/java/security/cert/CertPathValidator/certification/SectigoCSRootCAs.java >> fails when there is no internet connection. This PR check the outbound >> network connection to >> http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl or >> ocsp.sectigo.com before test executed. I think if there is no network >> connection, test should not report failure, because it's not jvm bug or test >> bug. It's enviroenmental issue, so maybe it's better to throw >> SkippedException. >> >> Additional testing: >> >> - [x] The environmental which need proxy, and the proxy is set correctly, >> test should be run passed >> - [x] The environmental which need proxy, and the proxy is unset, test >> should report skip >> - [x] The environmental do not need proxy, test should be run passed >> - [x] The environmental do not network at all, test should report skip >> >> >> >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > SendaoYan has updated the pull request incrementally with one additional > commit since the last revision: > > Remove @build jtreg.SkippedException explicitly All, or most of the certificate infra tests in general assume an Internet connection, so I think it is a basic requirement and the test should fail if it cannot make a connection. The success of these tests depends on verifying downloaded security artifacts, so you don't want to miss issues where the CA may have made some changes and the tests need to be updated to use a different URL. I don't think it is appropriate to make one test workaround this. Adding @rhalade for comments. ------------- PR Comment: https://git.openjdk.org/jdk/pull/30740#issuecomment-4260282798
