Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8143286

Test jnlp that signed with revoked cert exits silently with jre9-b92

XMLWordPrintable

    • b100
    • Verified

      Steps to reproduce:
      0. Install jre9-b92
      1. Import self signed root ca to jre/lib/security/cacerts to have a valid trusted cert
      keytool -import -file cacert.pem -keystore ../lib/security/cacerts -storepass changeit -alias cakey -noprompt
      See http://sqeweb.us.oracle.com/net/scanas415/export/deployment/crystal/DO_NOT_REMOVE_ME/jrebug/JawsOcspAndCrlCheck/lib/cacert.pem
      2. Load jnlp that signed with revoked cert: javaws http://sqeweb.us.oracle.com/net/scanas415/export/deployment/crystal/DO_NOT_REMOVE_ME/jrebug/JawsOcspAndCrlCheck/jnlp/testOCSPRevokedCertJNLP.jnlp
      3. If test jnlp exits silently, then this bug is reproduced.
      Expected behavior: A dialog saying "the certificate is revoked' should show up and app should not get loaded.

      From trace, I can see "security: OCSP Response: REVOKED" info and then "basic: Exiting".
      See attachment for detail trace.

      Note: it works fine with jre9-b90.

            herrick Andy Herrick (Inactive)
            wenjyang Crystal Yang (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: