Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8161384

[test] One case in JawsESLCertCheckTest failed due to the cert used to sign jnlp is "revocation status unknown"

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 9
    • 9
    • deploy
    • b131
    • Verified

      We may need to change a revoked cert to sign test app.

      See exception in logs:
      security: Revocation Status Unknown
      com.sun.deploy.security.RevocationChecker$StatusUnknownException: java.io.IOException: Server returned HTTP response code: 403 for URL: http://csca.ocsp.certum.pl
      at com.sun.deploy.security.RevocationChecker.checkOCSP(jdk.deploy@9-ea/RevocationChecker.java:271)
      at com.sun.deploy.security.RevocationChecker.check(jdk.deploy@9-ea/RevocationChecker.java:188)
      at com.sun.deploy.security.TrustDecider.checkRevocationStatus(jdk.deploy@9-ea/TrustDecider.java:845)
      at com.sun.deploy.security.TrustDecider.getValidationState(jdk.deploy@9-ea/TrustDecider.java:564)
      at com.sun.deploy.security.TrustDecider.validateChain(jdk.deploy@9-ea/TrustDecider.java:306)
      at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(jdk.deploy@9-ea/TrustDecider.java:1117)
      at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(jdk.deploy@9-ea/TrustDecider.java:1037)
      at com.sun.javaws.security.AppPolicy.grantAllPermissions(jdk.javaws@9-ea/AppPolicy.java:375)
      at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(jdk.javaws@9-ea/JNLPSignedResourcesHelper.java:616)
      at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(jdk.javaws@9-ea/JNLPSignedResourcesHelper.java:213)
      at com.sun.javaws.Launcher.prepareResources(jdk.javaws@9-ea/Launcher.java:1275)
      at com.sun.javaws.Launcher.prepareAllResources(jdk.javaws@9-ea/Launcher.java:585)
      at sun.plugin2.main.WebStart.prepareToLaunch(jdk.plugin@9-ea/WebStart.java:277)
      at sun.plugin2.main.WebStart.prepareToLaunch(jdk.plugin@9-ea/WebStart.java:261)
      at sun.plugin2.main.WebStart.launchApp(jdk.plugin@9-ea/WebStart.java:223)
      at sun.plugin2.main.WebStart.launchApp(jdk.plugin@9-ea/WebStart.java:194)
      at sun.plugin2.main.WebStart.continueInSecureThread(jdk.plugin@9-ea/WebStart.java:138)
      at sun.plugin2.main.WebStart.access$000(jdk.plugin@9-ea/WebStart.java:48)
      at sun.plugin2.main.WebStart$1.run(jdk.plugin@9-ea/WebStart.java:71)
      at java.lang.Thread.run(java.base@9-ea/Thread.java:843)
      Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
      at com.sun.deploy.security.RevocationChecker.checkCRLs(jdk.deploy@9-ea/RevocationChecker.java:359)
      at com.sun.deploy.security.RevocationChecker.check(jdk.deploy@9-ea/RevocationChecker.java:199)
      ... 18 more
      Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: http://csca.ocsp.certum.pl
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(java.base@9-ea/HttpURLConnection.java:1832)
      at sun.net.www.protocol.http.HttpURLConnection.access$200(java.base@9-ea/HttpURLConnection.java:95)
      at sun.net.www.protocol.http.HttpURLConnection$9.run(java.base@9-ea/HttpURLConnection.java:1425)
      at sun.net.www.protocol.http.HttpURLConnection$9.run(java.base@9-ea/HttpURLConnection.java:1423)
      at java.security.AccessController.doPrivileged(java.base@9-ea/Native Method)
      at java.security.AccessController.doPrivilegedWithCombiner(java.base@9-ea/AccessController.java:792)
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(java.base@9-ea/HttpURLConnection.java:1422)
      at sun.security.provider.certpath.OCSP.getOCSPBytes(java.base@9-ea/OCSP.java:276)
      at sun.security.provider.certpath.OCSP.check(java.base@9-ea/OCSP.java:213)
      at sun.security.provider.certpath.OCSP.check(java.base@9-ea/OCSP.java:175)
      at sun.security.provider.certpath.OCSP.check(java.base@9-ea/OCSP.java:155)
      at com.sun.deploy.security.RevocationChecker$2.run(jdk.deploy@9-ea/RevocationChecker.java:300)
      at com.sun.deploy.security.RevocationChecker$2.run(jdk.deploy@9-ea/RevocationChecker.java:295)
      at java.security.AccessController.doPrivileged(java.base@9-ea/Native Method)
      at com.sun.deploy.security.RevocationChecker.doPrivilegedOCSPCheck(jdk.deploy@9-ea/RevocationChecker.java:295)
      at com.sun.deploy.security.RevocationChecker.checkOCSP(jdk.deploy@9-ea/RevocationChecker.java:239)
      ... 19 more


      Affected tests:
      RULE JawsESLCertCheckTest::testESLCertumRevokedSignedMFAllPermsVHighNeg any any

            wenjyang Crystal Yang (Inactive)
            wenjyang Crystal Yang (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: