Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8133489

Better messaging for PKIX path validation matching

    XMLWordPrintable

Details

    • b03
    • generic
    • generic

    Backports

      Description

        We should try and be more verbose when it comes to PKIX path validation. Include more information in debug logs where possible.

        Here's a recent example I worked on :

        certpath: X509CertSelector.match(SN: xxx1a8ae
          Issuer: OU=xxxxx CA,OU=Certification Authorities,OU=xxxxx,O=xxxx,C=US
          Subject: OU=xxx CA4,OU=Certification Authorities,OU=xxxxx,O=xxxx,C=US)
        certpath: X509CertSelector.match: subject key IDs don't match

        Print the SKIDs! there are other examples in X509CertSelector also where we can print IDs to debug logs.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8226564 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8228427 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8229178 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8235038 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8235862 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8235896 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8241366 Better messaging for PKIX path validation matching

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8133094 JDK 7 and orapki provider not working with JDBC using TCPS

            • P3 - Major loss of function.
            • Closed

            Activity

              People

                coffeys Sean Coffey
                coffeys Sean Coffey
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: