Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8210209

AuthorityInfoAccess field use failing in TLS connection



      Submitter looking for some inputs on validating Intermediate SSL certificates in Java. Here is summary of their use case and the issue:
      - Request is sent from the Fusion application to a remote server over SSL
      - The SSL certificate of the remote is signed/issued by an Intermediate certificate, which is not present in the default JDK truststore.
      - The Intermediate certificate is signed/issued by a root certificate, which is present in the default JDK truststore.
      - In the past, they used to import the Intermediate certificates into the JDK truststore and this used to work fine.
      - This import action is no longer possible though

      Submitter came across a blog and the related java documentation that seems to
      suggest that it is possible for Java to automatically determine the
      Intermediate certificate through "Authority Information Access (AIA)
      Extension". As per the blog, this is disabled by default and can be enabled
      through the system option "com.sun.security.enableAIAcaIssuers", by setting
      it to "true"

      This approach doesn't seem to work for submitter




            • Assignee:
              coffeys Sean Coffey
              shadowbug Shadow Bug
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: