Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8191711

JEP-JDK-8191486: Test Plan for Root Certificates

    XMLWordPrintable

    Details

    • Type: JEP Task
    • Status: Resolved
    • Priority: P3
    • Resolution: Delivered
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      See the main JEP JDK-8191486 for details on cacerts keystore and changes planned.

      Test entries in cacerts keystore

      cacerts keystore will include trusted root certificates issued by Certificate Authority. This new test will check root CA entries in this file:

      • Verify expected number of certificates in keystore
      • Check SHA256 fingerprint of certificate
      • Make sure certificate can be self-verified
      • Make sure certificate is not expired or not yet valid
      • Make sure no certificate is within 90 days of expiry

      Interoperability testing against Certificate Authorities

      Trusted Certificate Authorities issue valid and revoked test certificates. This test will use these test certificates and attempt to validate using OCSP and CRL revocation checking.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              rhalade Rajan Halade
              Reporter:
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: