On Wed, 11 Sep 2024 09:07:15 GMT, Fernando Guallini <fguall...@openjdk.org> wrote:
> During the code review of > [JDK-8337664](https://bugs.openjdk.org/browse/JDK-8337664), several > non-critical comments were raised but not addressed due to time constraints. > This PR includes the following changes: > > 1. Symantec and Entrust tests now reuse common code. The Distrust.java class > contains this reusable code, making it easier to add new tests for distrusted > roots in the future. > 2. In several instances where an Exception is thrown, it has been replaced > with RuntimeException. > 3. Many Symantec test certs have already expired. To properly test the > distrusted scenario, this change wraps the intermediate and root CA certs in > NonExpiringTLSServerCert, which does not validate expiration. > 4. Package structure changed: > <img width="225" alt="image" > src="https://github.com/user-attachments/assets/a8c8407e-edd3-47dd-84c0-19feb9da3c0f";> test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Entrust.java line 34: > 32: * @summary Check that TLS Server certificates chaining back to distrusted > 33: * Entrust roots are invalid > 34: * @library /test/lib Do you need /test/lib anymore? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20944#discussion_r1773637584
