Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8289884

Actalis intermediate CA has invalid name in CRL DP

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P4
    • 21
    • 20
    • security-libs

    Description

      https://bugs.openjdk.org/browse/JDK-8224768 removed the ActalisCA.java test from the problem list.
      after this the test started to fail :
      After security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java has been removed from the problem list, the test started to fail again.
      Exception is
      java.lang.RuntimeException: TEST FAILED: couldn't determine EE certificate status
      at ValidatePathWithParams.validate(ValidatePathWithParams.java:177)
      at ActalisCA.main(ActalisCA.java:212)
      at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
      at java.base/java.lang.reflect.Method.invoke(Method.java:578)
      at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
      at java.base/java.lang.Thread.run(Thread.java:1596)
      Caused by: java.security.cert.CertPathValidatorException: sun.security.provider.certpath.PKIX$CertStoreTypeException: Invalid name: cn=Actalis Authentication Root CA,o=Actalis S.p.A./03358520967,c=IT
      at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:224)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:144)
      at java.base/sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:83)
      at java.base/java.security.cert.CertPathValidator.validate(CertPathValidator.java:309)
      at ValidatePathWithParams.doCertPathValidate(ValidatePathWithParams.java:288)
      at ValidatePathWithParams.validate(ValidatePathWithParams.java:142)
      ... 5 more
      Caused by: sun.security.provider.certpath.PKIX$CertStoreTypeException: Invalid name: cn=Actalis Authentication Root CA,o=Actalis S.p.A./03358520967,c=IT
      at java.base/sun.security.provider.certpath.URICertStore.engineGetCRLs(URICertStore.java:362)
      at java.base/java.security.cert.CertStore.getCRLs(CertStore.java:182)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRL(DistributionPointFetcher.java:233)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:176)
      at java.base/sun.security.provider.certpath.DistributionPointFetcher.getCRLs(DistributionPointFetcher.java:107)
      at java.base/sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:586)
      at java.base/sun.security.provider.certpath.RevocationChecker.checkCRLs(RevocationChecker.java:471)
      at java.base/sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:373)
      at java.base/sun.security.provider.certpath.RevocationChecker.check(RevocationChecker.java:343)
      at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
      ... 11 more

      more info can be found here : https://bugs.openjdk.org/browse/JDK-8224768

      Attachments

        Issue Links

          Activity

            People

              rhalade Rajan Halade
              mbaesken Matthias Baesken
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: