Details
-
Bug
-
Status: Closed
-
P2
-
Resolution: Fixed
-
7u221, 8u211, 11.0.3-oracle, 12, 13
-
b29
-
Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8217574 | 13 | Sean Mullan | P2 | Resolved | Fixed | b05 |
JDK-8217560 | 12.0.1 | Sean Mullan | P2 | Resolved | Fixed | b04 |
JDK-8217724 | 11.0.4-oracle | Sean Mullan | P2 | Resolved | Fixed | b01 |
JDK-8217523 | 11.0.3-oracle | Sean Coffey | P2 | Closed | Fixed | master |
JDK-8219452 | 11.0.3 | Sean Mullan | P2 | Closed | Fixed | master |
JDK-8219963 | openjdk8u212 | Sean Mullan | P2 | Resolved | Fixed | master |
JDK-8218256 | 8u222 | Sean Coffey | P2 | Resolved | Fixed | master |
JDK-8217787 | 8u221 | Sean Coffey | P2 | Resolved | Fixed | b01 |
JDK-8217988 | 8u212 | Sean Coffey | P2 | Resolved | Fixed | b04 |
JDK-8217524 | 8u211 | Sean Coffey | P2 | Closed | Fixed | b04 |
JDK-8224353 | emb-8u221 | Sean Coffey | P2 | Resolved | Fixed | master |
JDK-8221037 | emb-8u211 | Sean Coffey | P2 | Resolved | Fixed | b04 |
JDK-8217788 | 7u231 | Sean Coffey | P2 | Resolved | Fixed | b01 |
JDK-8217525 | 7u221 | Sean Coffey | P2 | Closed | Fixed | b03 |
JDK-8222657 | openjdk7u | Andrew Hughes | P2 | Resolved | Fixed | master |
Description
Apple has requested more time to transition their users off of the legacy Symantec Root CAs that will be distrusted for TLS Server certificates. They are working with DigiCert on a transition plan and have requested a later distrust date: December 31, 2019. This later distrust date would only apply to TLS Server certificates issued from two Apple subordinate CAs: "Apple IST CA 2 - G1" and "Apple IST CA 8 - G1". Any certificate issued after that date will be distrusted. Other vendors such as Mozilla have granted similar exemptions to these Apple subCAs.
Attachments
Issue Links
- backported by
-
JDK-8217560 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217574 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217724 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217787 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217788 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217988 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8218256 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8219963 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8221037 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8222657 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8224353 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Resolved
-
-
JDK-8217523 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Closed
-
-
JDK-8217524 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Closed
-
-
JDK-8217525 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Closed
-
-
JDK-8219452 Allow later Symantec Policy distrust date for two Apple SubCAs
-
- Closed
-
- relates to
-
JDK-8207258 Distrust TLS server certificates anchored by Symantec Root CAs
-
- Resolved
-
-
JDK-8207258 Distrust TLS server certificates anchored by Symantec Root CAs
-
- Resolved
-