-
Bug
-
Resolution: Fixed
-
P3
-
7-pool, 8-pool, 11-pool, 12-pool, 13
-
b21
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8228956 | 12u-cpu | Rajan Halade | P3 | Resolved | Fixed | master |
JDK-8223972 | 12.0.2 | Sean Coffey | P3 | Resolved | Fixed | b03 |
JDK-8228201 | 11.0.6-oracle | Sean Coffey | P3 | Resolved | Fixed | b01 |
JDK-8224237 | 11.0.5-oracle | Sean Coffey | P3 | Resolved | Fixed | b02 |
JDK-8224938 | 11.0.4-oracle | Sean Coffey | P3 | Resolved | Fixed | b07 |
JDK-8223973 | 11.0.4 | Christoph Langer | P3 | Resolved | Fixed | b04 |
JDK-8224102 | openjdk8u222 | Christoph Langer | P3 | Resolved | Fixed | b03 |
JDK-8223974 | 8u231 | Sean Coffey | P3 | Resolved | Fixed | b01 |
JDK-8224903 | 8u221 | Sean Coffey | P3 | Resolved | Fixed | b07 |
JDK-8229683 | emb-8u231 | Sean Coffey | P3 | Resolved | Fixed | b01 |
JDK-8227164 | emb-8u221 | Sean Coffey | P3 | Resolved | Fixed | b07 |
JDK-8223975 | 7u241 | Sean Coffey | P3 | Resolved | Fixed | b01 |
JDK-8224929 | 7u231 | Sean Coffey | P3 | Resolved | Fixed | b07 |
1. CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
2. CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
3. CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
The replacement root (for all 3) is "USERTrust RSA Certification Authority" (https://crt.sh/?id=1199354), which is already in the Java root store.
The first two roots can be safely removed after they expire. However, the 3rd root should be retained since there were many code signing certificates issued that chain back to this root and removing this root could break signed code that was also timestamped and is still in use. In this case, the root CA is still needed in order to properly verify the certificate chain.
- backported by
-
JDK-8223972 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8223973 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8223974 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8223975 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8224102 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8224237 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8224903 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8224929 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8224938 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8227164 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8228201 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8228956 Remove two Comodo root CA certificates that are expiring
- Resolved
-
JDK-8229683 Remove two Comodo root CA certificates that are expiring
- Resolved
- relates to
-
JDK-8222133 Add temporary exceptions for root certs that are due to expire soon
- Resolved