Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8333640

security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1 fails

    XMLWordPrintable

Details

    Description

      We see for some days errors in the jtreg test security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1 .
      stdout says :
      =====================================================
      CONFIGURATION
      =====================================================
      http.proxyHost :null
      http.proxyPort :null
      https.proxyHost :null
      https.proxyPort :null
      https.socksProxyHost :null
      https.socksProxyPort :null
      jdk.certpath.disabledAlgorithms :MD2, MD5, SHA1 jdkCA & usage TLSServer, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, SHA1 usage SignedJAR & denyAfter 2019-01-01
      com.sun.security.enableCRLDP :false
      ocsp.enable :true
      =====================================================

      ===== Validate https://juolukka.cover.sonera.net:10443=====
      Finding intermediate certificate issued by CA
      Checking: CN=cps.trust.telia.com
      Issuer: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
      Checking: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
      Issuer: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
      Checking: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
      Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
      Found intermediate root CA: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
      intermediate CA Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera
      Verified: Intermediate CA signed by test root CA
      ======> SUCCESS

      ===== Validate https://juolukka.cover.sonera.net:10444=====
      SSLHandshakeException: (certificate_revoked) PKIX path validation failed: java.security.cert.CertPathValidatorException: Certificate has been revoked, reason: UNSPECIFIED, revocation date: Sat Jun 01 04:22:03 CEST 2024, authority: CN=Telia Domain Validation CA v3 OCSP responder, O=Telia Finland Oyj, C=FI, extension OIDs: []
      Certificate is revoked
      Finding intermediate certificate issued by CA
      Checking: CN=cps.trust.telia.com
      Issuer: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
      Checking: CN=Telia Domain Validation CA v3, O=Telia Finland Oyj, C=FI
      Issuer: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI

      Does it have to do with the revocation date: Sat Jun 01 04:22:03 CEST 2024, ?

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JDK-8333654 security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1 test fails intermediate root CA chain check

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-8210432 Add additional TeliaSonera root certificate

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              rhalade Rajan Halade
              mbaesken Matthias Baesken
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: