On Tue, 7 Mar 2023 21:19:37 GMT, Rajan Halade <rhal...@openjdk.org> wrote:
> This fix removes the check for 90 days expiry. But the test will continue to
> fail if the expired certificate is included in `cacerts` but no exception is
> granted.
>
> Fix also includes minor code cleanup.
test/jdk/sun/security/lib/cacerts/VerifyCACerts.java line 345:
> 343: cert.checkValidity();
> 344: } catch (CertificateExpiredException cee) {
> 345: if (!EXPIRY_EXC_ENTRIES.contains(alias)) {
@seanjmullan 90 days expiry check is removed but test will continue to check
expiry exception. This allows extra time to consider removal of root.
-------------
PR: https://git.openjdk.org/jdk/pull/12910
