-
Bug
-
Resolution: Won't Fix
-
P2
-
6
-
None
-
x86
-
windows
The bugster application is signed by a certficate, and the certiifcate do have CRL extension, in JRE 1.6 B38, Java deployment implement a RFE to support OCSP/CRL validation check. When these options are enabled, the bugster will fail to launch due to bad certificate exception.
The issue is with the signing certificate for jar file in bugster.jnlp, one the certificate (Sun Microsystems Inc CA) has CRL extension as follow:
CRLDistributionPoints[
[DistributionPoint:
[URIName: http://www.sun.com/pki/pkirootca.crl]
CRLIssuer:[C=US, O=Sun Microsystems Inc, CN=Sun Microsystems Inc Root CA]
]]
The issue is with CRLIssuer string, the distinguished name contained in the CRL distribution points extension of the Sun CA certificate is:
CN=Sun Microsystems Inc Root CA O=Sun Microsystems Inc C=US
which does NOT match the issuer distinguished name in the CRL issued by Sun ROOT CA.
The order of the RDNs in the distinguished name is reversed.
I have attached all the certificate file in the bug report too.
###@###.### 2005-05-17 18:39:07 GMT
The issue is with the signing certificate for jar file in bugster.jnlp, one the certificate (Sun Microsystems Inc CA) has CRL extension as follow:
CRLDistributionPoints[
[DistributionPoint:
[URIName: http://www.sun.com/pki/pkirootca.crl]
CRLIssuer:[C=US, O=Sun Microsystems Inc, CN=Sun Microsystems Inc Root CA]
]]
The issue is with CRLIssuer string, the distinguished name contained in the CRL distribution points extension of the Sun CA certificate is:
CN=Sun Microsystems Inc Root CA O=Sun Microsystems Inc C=US
which does NOT match the issuer distinguished name in the CRL issued by Sun ROOT CA.
The order of the RDNs in the distinguished name is reversed.
I have attached all the certificate file in the bug report too.
###@###.### 2005-05-17 18:39:07 GMT