Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8191711

JEP-JDK-8191486: Test Plan for Root Certificates

    Details

    • Type: JEP Task
    • Status: Resolved
    • Priority: P3
    • Resolution: Delivered
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      See the main JEP JDK-8191486 for details on cacerts keystore and changes planned.

      Test entries in cacerts keystore

      cacerts keystore will include trusted root certificates issued by Certificate Authority. This new test will check root CA entries in this file:

      • Verify expected number of certificates in keystore
      • Check SHA256 fingerprint of certificate
      • Make sure certificate can be self-verified
      • Make sure certificate is not expired or not yet valid
      • Make sure no certificate is within 90 days of expiry

      Interoperability testing against Certificate Authorities

      Trusted Certificate Authorities issue valid and revoked test certificates. This test will use these test certificates and attempt to validate using OCSP and CRL revocation checking.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rhalade Rajan Halade
                Reporter:
                mullan Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: