-
Bug
-
Resolution: Fixed
-
P3
-
6
-
b63
-
generic
-
generic
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2132085 | 5.0u7 | Vincent Ryan | P3 | Resolved | Fixed | b01 |
OCSP is the on-line certificate status protocol. It is used to determine the validity
of a given certificate. An error exists in the OCSP client implementation such that
certain OCSP requests are immediately rejected by the OCSP server.
The error occurs during validation of a certain class of certificates: those that
have been issued by a CA that is not a root CA. A root CA has a certificate where
the subject name and issuer name are identical. OCSP validation requests for
certificates issued by root CAs do not exhibit the problem.
When the error occurs, the OCSP validation request is encoded incorrectly and the
request is subsequently rejected by the OCSP server.
of a given certificate. An error exists in the OCSP client implementation such that
certain OCSP requests are immediately rejected by the OCSP server.
The error occurs during validation of a certain class of certificates: those that
have been issued by a CA that is not a root CA. A root CA has a certificate where
the subject name and issuer name are identical. OCSP validation requests for
certificates issued by root CAs do not exhibit the problem.
When the error occurs, the OCSP validation request is encoded incorrectly and the
request is subsequently rejected by the OCSP server.
- backported by
-
JDK-2132085 Certificate validation using OCSP fails for a particular class of certificates
-
- Resolved
-