Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8024156

DRS: The messaging for invalid rule set jar is not explicit.

    Details

    • Resolved In Build:
      b01

      Backports

        Description

        This might be a regression.
        When the rule set file is signed with cert containing OCSP information, and it cannot connect to the OCSP server, it should still work as valid. Now it works as a wrong rule set file and block the applet.

        Steps to reproduce:
        1.Dowload http://sqeweb.us.oracle.com/deployment2/sheldon/webCases/PolicyFileValidation/policy_template/policy_publicRevoked.jar and install it.
        2.Disconnect from internet by unsetting proxy.
        3.Launch the applet from http://sqeweb.us.oracle.com/deployment2/sheldon/webCases/PolicyFileValidation/html/hello_appletTag.html
        4.If it is blocked with "Cannot Verify RuleSet", bug is reproducible. It should get launched.

        Also if the OCSP server is accessible, and the cert is revoked. it should come out with dialog "Certificate has been revoked". Now it is "Cannot Verify RuleSet".

        Attachment are the trace for OCSP server accessible and inaccessible scenarios.


          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  herrick Andy Herrick
                  Reporter:
                  yanqchen Sheldon Chen (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: