Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8196600

Add example to show how to have TrustManager take the validity dates of trust anchors into account

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Fixed
    • Icon: P4 P4
    • 11
    • None
    • docs
    • generic

        From the submitter:
        I believe it would be a useful enhancement request to be able to
        configure the TrustManager to take account of the validity dates of the
        trust anchor. Does the Oracle security team have any objections to me
        taking the information in this report and submitting an enhancement
        request to that effect?

        Analysis:
        We should avoid adding non-standard hooks into the
        implementation since the API (at least for this case) is
        flexible enough to do this themselves w/o too much effort.

        In that case documenting the case should address anyone else who has the same issue. The JSSE Reference Guide is likely the best place.

        Create a PKIXBuilderParameters object with a filtered Set of TrustAnchors (i.e. write a small amount of code that checks for and removes any that are expired) and encapsulate that in a CertPathTrustParameters object which would then be passed into the TrustManagerFactory.init method.

              rgallard Raymond Gallardo
              ahgross Andrew Gross
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: