CertificateTest.java should not specify TLS version

sha . jiang Fri, 07 Feb 2020 23:52:03 -0800

Hi Daniel,


Would it be possible to include a comment in Cert.java that contains
the command you used to generate the certificates?

That will be a great help to future maintainers if the certificates
ever needs to be re-generated (e.g. to update the expiry date
etc...)


I'll do that.

Please review this updated webrev:http://cr.openjdk.java.net/~jjiang/8238677/webrev.01/

The script, exactly gen-certs.sh, can be used to generate the certs.

Best regards,
John Jiang

Best regards,
John Jiang
best regards,

-- daniel

Disclaimer: I am not an expert in ssl/security


On 07/02/2020 10:51, sha.ji...@oracle.com wrote:
Hi,
java/net/httpclient/ssltest/CertificateTest.java shouldn't use aspecific TLS version.
And it would be better not to use binary key store files.
Since DSA is not supported by TLSv1.3, this fix also updates thecertificates to use RSA.
Webrev: http://cr.openjdk.java.net/~jjiang/8238677/webrev.00/
Issue: https://bugs.openjdk.java.net/browse/JDK-8238677

Best regards,
John Jiang

Re: RFR[15] 8238677: java/net/httpclient/ssltest/CertificateTest.java should not specify TLS version

Reply via email to