On Mon, 2 Sep 2024 21:47:25 GMT, Mark Powers <mpow...@openjdk.org> wrote:
>> Please review this change to distrust TLS server certificates issued after >> October 31, 2024 and anchored by Entrust Root CAs. This change is in line >> with similar plans recently announced by Google and Mozilla. TLS server >> certificates issued before this date will continue to be valid until they >> expire. This restriction should have minimal compatibility impact since >> Entrust has announced they will be using a partner (SSL.com) for all TLS >> server certificates issued after Oct 31, 2024. >> >> See the CSR for more details: https://bugs.openjdk.org/browse/JDK-8339194 > > Mark Powers has updated the pull request incrementally with one additional > commit since the last revision: > > beware moving lines around test/jdk/sun/security/ssl/X509TrustManagerImpl/Entrust/Distrust.java line 113: > 111: return xtm; > 112: } > 113: throw new Exception("No TrustManager for " + type); Please update this and other `Exception` thrown in `loadCertificateChain` and `testTM` function to `RuntimeException`. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20731#discussion_r1742439919
