OpenJDK / jdk / jdk
changeset 51453:59614cd6d8dc
8209452: VerifyCACerts.java failed with "At least one cacert test failed"
Summary: Allow test to pass even if cert in EXPIRY_EXC_ENTRIES expires
Reviewed-by: mullan
| author | rhalade |
|---|---|
| date | Tue, 14 Aug 2018 09:38:29 -0700 |
| parents | 7bd2a286e637 |
| children | 06417e487a28 |
| files | test/jdk/lib/security/cacerts/VerifyCACerts.java |
| diffstat | 1 files changed, 6 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/test/jdk/lib/security/cacerts/VerifyCACerts.java Tue Aug 14 11:55:21 2018 +0530 +++ b/test/jdk/lib/security/cacerts/VerifyCACerts.java Tue Aug 14 09:38:29 2018 -0700 @@ -24,7 +24,7 @@ /** * @test - * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 + * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 8209452 * @summary Check root CA entries in cacerts file */ import java.io.File; @@ -231,6 +231,7 @@ }; // Exception list to 90 days expiry policy + // No error will be reported if certificate in this list expires private static final HashSet<String> EXPIRY_EXC_ENTRIES = new HashSet<String>(Arrays.asList( "gtecybertrustglobalca [jdk]" @@ -293,8 +294,10 @@ try { cert.checkValidity(); } catch (CertificateExpiredException cee) { - atLeastOneFailed = true; - System.err.println("ERROR: cert is expired"); + if (!EXPIRY_EXC_ENTRIES.contains(alias)) { + atLeastOneFailed = true; + System.err.println("ERROR: cert is expired"); + } } catch (CertificateNotYetValidException cne) { atLeastOneFailed = true; System.err.println("ERROR: cert is not yet valid");