On Tue, 29 Jul 2025 19:19:15 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> test/jdk/sun/security/ssl/X509KeyManager/CertChecking.java line 128: >> >>> 126: // --- Usage and expired test cases -- >>> 127: >>> 128: // Both should fail with no usages at all >> >> Clarify what you mean by "Both should fail"? This test doesn't do a TLS >> handshake. Maybe what you want to comment on is the order when checking is >> enabled (i.e. cert with bad usage is always preferred last). > > Sounds good, changing it to "Both client and server should fail". > `usageTestCase` method takes 2 boolean values to indicate whether to check > for server and client failure. But I am still confused by what you mean by fail? Typically that means catching an Exception and checking that it is expected. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/25016#discussion_r2240752548
