Re: KeychainStore include user and predefined roots within one truststore

2025-01-17 Thread Tim Jacomb
I signed the OCA yesterday, just waiting for it to be approved

On Fri, 17 Jan 2025 at 22:20, Alexey Bakhtin wrote:
> Hello Sean,
>
> The enhancement looks reasonable.
> As far as I know, Tim submitted the PR for this enhancement. I will be
> happy to review and help with it.
>
> Regards
> Alexey

Re: KeychainStore include user and predefined roots within one truststore

2025-01-17 Thread Alexey Bakhtin
Hello Sean,

The enhancement looks reasonable. As far as I know, Tim submitted the PR for this enhancement. I will be happy to review and help with it.

Regards
Alexey

> On 17 Jan 2025, at 13:58, Sean Mullan wrote:
>
> Caution: This email originated from outside of the organization. Do not cli

Re: KeychainStore include user and predefined roots within one truststore

2025-01-17 Thread Sean Mullan
Alexey,

Given your experience with implementing https://bugs.openjdk.org/browse/JDK-8320362, is this something you would be interested in working on?

Tim, any progress on the OCA?

Thanks,
Sean

On 1/13/25 2:47 PM, Alexey Bakhtin wrote:
Hello Sean, Tim

I've attached logs to the JDK-8347067

Re: KeychainStore include user and predefined roots within one truststore

2025-01-13 Thread Alexey Bakhtin
Hello Sean, Tim

I've attached logs to the JDK-8347067, created based on Tim’s report. As you mentioned already, the issue happens because the TLS server sends truncated chain without CA intermediate certificates. In my understanding, it should not be a problem if the Root and CA intermediate are

Re: KeychainStore include user and predefined roots within one truststore

2025-01-13 Thread Tim Jacomb
Hi Sean

I don't have access to add to the bug report, but I've attached to the GitHub pull request here: https://github.com/openjdk/jdk/pull/22911#issuecomment-2586577905 (this can also be reproduced with this repository: https://github.com/timja/openjdk-intermediate-ca-reproducer)

Thanks
Tim

O

Re: KeychainStore include user and predefined roots within one truststore

2025-01-09 Thread Sean Mullan
On 1/8/25 4:06 AM, Tim Jacomb wrote:

TLS handshake fails with PKIX path building error. Chain is Root -> Intermediate -> Leaf in the runnable example although in our real-world use-case it's Root -> Intermediate 1 -> Intermediate 2 -> Leaf

If I run the example only with Root -> Leaf then it

Re: KeychainStore include user and predefined roots within one truststore

2025-01-08 Thread Tim Jacomb
Responses below

On Tue, 7 Jan 2025 at 22:15, Sean Mullan wrote:
> Some additional thoughts below.
> On 1/4/25 3:45 AM, Tim Jacomb wrote:
>
> Following on from:
> https://bugs.openjdk.org/browse/JDK-8320362
>
> It's now possible to get system roots on macOS devices in the
> truststore: KeychainSt

Re: KeychainStore include user and predefined roots within one truststore

2025-01-07 Thread Sean Mullan
Some additional thoughts below.

On 1/4/25 3:45 AM, Tim Jacomb wrote:

Following on from: https://bugs.openjdk.org/browse/JDK-8320362

It's now possible to get system roots on macOS devices in the truststore: KeychainStore-ROOT. That's quite useful. Unfortunately it doesn't cover everything tho

Re: KeychainStore include user and predefined roots within one truststore

2025-01-07 Thread Tim Jacomb
> It looks like the use case you described can be easily achieved by wrapping all certificates from the KeychainStore-ROOT and KeychainStore stores into one custom Trust Store.

1. I've implemented something like that in https://github.com/JetBrains/jvm-native-trusted-roots/pull/6 (although it just

Re: KeychainStore include user and predefined roots within one truststore

2025-01-04 Thread Tim Jacomb
Hi Alexey

> It looks like the use case you described can be easily achieved by wrapping all certificates from the KeychainStore-ROOT and KeychainStore stores into one custom Trust Store. As far as I know, all certificates should be in one or another Keychain store.

Yes that would work although I

Re: KeychainStore include user and predefined roots within one truststore

2025-01-03 Thread Alexey Bakhtin
Hello Tim,

It looks like the use case you described can be easily achieved by wrapping all certificates from the KeychainStore-ROOT and KeychainStore stores into one custom Trust Store. As far as I know, all certificates should be in one or another Keychain store. Also, please look at my comme

KeychainStore include user and predefined roots within one truststore

2025-01-03 Thread Tim Jacomb
Hi

Following on from: https://bugs.openjdk.org/browse/JDK-8320362

It's now possible to get system roots on macOS devices in the truststore: KeychainStore-ROOT. That's quite useful. Unfortunately it doesn't cover everything though.

In practice there's two issues I've found in trying to use it:

1