8337951: Test sun/security/validator/samedn.sh CertificateNotYetValidException: NotBefore validation #20728
Conversation
|
👋 Welcome back fguallini! A progress list of the required criteria for merging this PR into |
|
@fguallini This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 94 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@seanjmullan) but any other Committer may sponsor as well. ➡️ To flag this PR as ready for integration with the above commit message, type |
|
@fguallini The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
fguallini
changed the title
fguallini
changed the title
|
/integrate |
|
@fguallini |
|
/sponsor |
|
Going to push as commit a505a1d.
Your commit was automatically rebased without conflicts. |
openjdk
bot
removed
ready
|
@seanjmullan @fguallini Pushed as commit a505a1d. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
2 participants
The test sun/security/validator/samedn.sh failed once due to the following reason:
Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Tue Aug 06 14:41:13 GMT 2024This test generates several certificates using the keytool as a precondition, and then validates their certificate paths.
This failure is very rare and could not be reproduced. However, based on the failure logs, the test finished at 14:41:12, while the test certificate's NotBefore time was set to 14:41:13. It is possible that when the certificate was created, keytool rounded up the NotBefore time to the nearest second. As a result, the test may have validated the certificate just before it became valid.
The proposed fix is to set the NotBefore time to one minute in the past, ensuring the certificate will be valid when running the test.
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/20728/head:pull/20728$ git checkout pull/20728Update a local copy of the PR:
$ git checkout pull/20728$ git pull https://git.openjdk.org/jdk.git pull/20728/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 20728View PR using the GUI difftool:
$ git pr show -t 20728Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/20728.diff
Webrev
Link to Webrev Comment