On Tue, 7 Mar 2023 21:19:37 GMT, Rajan Halade <rhal...@openjdk.org> wrote:
> This fix removes the check for 90 days expiry. But the test will continue to
> fail if the expired certificate is included in `cacerts` but no exception is
> granted.
>
> Fix also includes minor code cleanup.
test/jdk/sun/security/lib/cacerts/VerifyCACerts.java line 299:
> 297:
> 298: // also ensure FINGERPRINT_MAP lists correct count
> 299: if(FINGERPRINT_MAP.size() != COUNT) {
Nit: add space after `if`.
test/jdk/sun/security/lib/cacerts/VerifyCACerts.java line 356:
> 354: atLeastOneFailed = true;
> 355: System.err.println("ERROR: cert \"" + alias + "\"
> expiry \""
> 356: + notAfter.toString() + "\" will expire
> within 90 days");
It might be useful to still emit these lines as a "WARNING: ..." but not flag
it as a failure.
-------------
PR: https://git.openjdk.org/jdk/pull/12910
