-
Bug
-
Resolution: Fixed
-
P3
-
24
-
b15
-
generic
-
generic
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8344121 | 21.0.7-oracle | Ramesh Gangadhar | P3 | Resolved | Fixed | b01 |
| JDK-8345708 | 21.0.7 | Goetz Lindenmaier | P3 | Resolved | Fixed | master |
| JDK-8344125 | 17.0.15-oracle | Ramesh Gangadhar | P3 | Resolved | Fixed | b01 |
| JDK-8345722 | 17.0.15 | Goetz Lindenmaier | P3 | Resolved | Fixed | master |
| JDK-8344126 | 11.0.27-oracle | Ramesh Gangadhar | P3 | Resolved | Fixed | b01 |
| JDK-8344167 | 8u451 | Ramesh Gangadhar | P3 | Resolved | Fixed | b01 |
The following test failed in the JDK24 CI:
sun/security/validator/samedn.sh
Here's a snippet from the log file:
#-----testresult-----
description=file\:/System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/src.full/open/test/jdk/sun/security/validator/samedn.sh
elapsed=2664 0\:00\:02.664
end=Tue Aug 06 14\:41\:12 GMT 2024
environment=regtest
execStatus=Failed. Execution failed\: exit code 1
harnessLoaderMode=Classpath Loader
harnessVariety=Full Bundle
hostname=jpg-mac-arm-730.oraclecorp.com
javatestOS=Mac OS X 14.4.1 (aarch64)
javatestVersion=6.0-ea+b24-2022-09-27-9149bb7
jtregVersion=jtreg 7.4 1
modules=java.base/sun.security.validator
script=com.sun.javatest.regtest.exec.RegressionScript
sections=script_messages shell
start=Tue Aug 06 14\:41\:09 GMT 2024
test=sun/security/validator/samedn.sh
testJDK=/System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/macosx-aarch64.jdk/jdk-24.jdk/Contents/Home
testJDK_OS=[name\:Mac OS X,arch\:aarch64,version\:14.4.1,family\:mac,simple_arch\:aarch64,simple_version\:14.4,processors\:8,maxMemory\:17179869184,maxSwap\:2147483648]
testJDK_os.arch=aarch64
testJDK_os.name=Mac OS X
testJDK_os.version=14.4.1
totalTime=2665
user.name=mach5-one
work=/System/Volumes/Data/mesos/work_dir/slaves/a4a7850a-7c35-410a-b879-d77fbb2f6087-S165353/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/0d16d676-f7c0-42cb-a59a-49cf2dbea917/runs/726fe1e8-d1cc-4bc3-91ec-ffcff41a00d2/testoutput/test-support/jtreg_open_test_jdk_tier2_part1/sun/security/validator
#section:script_messages
----------messages:(4/293)----------
JDK under test: /System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/macosx-aarch64.jdk/jdk-24.jdk/Contents/Home
java version "24-ea" 2025-03-18
Java(TM) SE Runtime Environment (build 24-ea+10-1044)
Java HotSpot(TM) 64-Bit Server VM (build 24-ea+10-1044, mixed mode, sharing)
#section:shell
----------messages:(5/196)----------
command: shell samedn.sh
reason: Assumed action based on file name: run shell samedn.sh
started: Tue Aug 06 14:41:09 GMT 2024
finished: Tue Aug 06 14:41:12 GMT 2024
elapsed time (seconds): 2.663
----------System.out:(1/8)----------
Chain:
----------System.err:(53/3449)----------
Generating 3,072 bit RSA key pair and self-signed certificate (MD5withRSA) with a validity of 90 days
for: CN=CA
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
The generated certificate uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Generating 3,072 bit RSA key pair and self-signed certificate (SHA1withRSA) with a validity of 90 days
for: CN=CA
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
The generated certificate uses the SHA1withRSA signature algorithm which is considered a security risk.
Generating 3,072 bit RSA key pair and self-signed certificate (SHA384withRSA) with a validity of 90 days
for: CN=User
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
Warning:
The issuer uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Warning:
The issuer uses the SHA1withRSA signature algorithm which is considered a security risk.
Warning:
The certificate uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Warning:
The certificate uses the SHA1withRSA signature algorithm which is considered a security risk.
Note: /System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/src.full/open/test/jdk/sun/security/validator/CertReplace.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
Exception in thread "main" sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
at java.base/sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:318)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:256)
at java.base/sun.security.validator.Validator.validate(Validator.java:256)
at java.base/sun.security.validator.Validator.validate(Validator.java:223)
at java.base/sun.security.validator.Validator.validate(Validator.java:199)
at CertReplace.main(CertReplace.java:51)
Caused by: java.security.cert.CertPathValidatorException: validity check failed
at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:224)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:144)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:83)
at java.base/java.security.cert.CertPathValidator.validate(CertPathValidator.java:309)
at java.base/sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:313)
... 5 more
Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Tue Aug 06 14:41:13 GMT 2024
at java.base/sun.security.x509.CertificateValidity.valid(CertificateValidity.java:178)
at java.base/sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:534)
at java.base/sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)
at java.base/sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
... 10 more
----------rerun:(30/3918)*----------
sun/security/validator/samedn.sh
Here's a snippet from the log file:
#-----testresult-----
description=file\:/System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/src.full/open/test/jdk/sun/security/validator/samedn.sh
elapsed=2664 0\:00\:02.664
end=Tue Aug 06 14\:41\:12 GMT 2024
environment=regtest
execStatus=Failed. Execution failed\: exit code 1
harnessLoaderMode=Classpath Loader
harnessVariety=Full Bundle
hostname=jpg-mac-arm-730.oraclecorp.com
javatestOS=Mac OS X 14.4.1 (aarch64)
javatestVersion=6.0-ea+b24-2022-09-27-9149bb7
jtregVersion=jtreg 7.4 1
modules=java.base/sun.security.validator
script=com.sun.javatest.regtest.exec.RegressionScript
sections=script_messages shell
start=Tue Aug 06 14\:41\:09 GMT 2024
test=sun/security/validator/samedn.sh
testJDK=/System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/macosx-aarch64.jdk/jdk-24.jdk/Contents/Home
testJDK_OS=[name\:Mac OS X,arch\:aarch64,version\:14.4.1,family\:mac,simple_arch\:aarch64,simple_version\:14.4,processors\:8,maxMemory\:17179869184,maxSwap\:2147483648]
testJDK_os.arch=aarch64
testJDK_os.name=Mac OS X
testJDK_os.version=14.4.1
totalTime=2665
user.name=mach5-one
work=/System/Volumes/Data/mesos/work_dir/slaves/a4a7850a-7c35-410a-b879-d77fbb2f6087-S165353/frameworks/1735e8a2-a1db-478c-8104-60c8b0af87dd-0196/executors/0d16d676-f7c0-42cb-a59a-49cf2dbea917/runs/726fe1e8-d1cc-4bc3-91ec-ffcff41a00d2/testoutput/test-support/jtreg_open_test_jdk_tier2_part1/sun/security/validator
#section:script_messages
----------messages:(4/293)----------
JDK under test: /System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/macosx-aarch64.jdk/jdk-24.jdk/Contents/Home
java version "24-ea" 2025-03-18
Java(TM) SE Runtime Environment (build 24-ea+10-1044)
Java HotSpot(TM) 64-Bit Server VM (build 24-ea+10-1044, mixed mode, sharing)
#section:shell
----------messages:(5/196)----------
command: shell samedn.sh
reason: Assumed action based on file name: run shell samedn.sh
started: Tue Aug 06 14:41:09 GMT 2024
finished: Tue Aug 06 14:41:12 GMT 2024
elapsed time (seconds): 2.663
----------System.out:(1/8)----------
Chain:
----------System.err:(53/3449)----------
Generating 3,072 bit RSA key pair and self-signed certificate (MD5withRSA) with a validity of 90 days
for: CN=CA
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
The generated certificate uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Generating 3,072 bit RSA key pair and self-signed certificate (SHA1withRSA) with a validity of 90 days
for: CN=CA
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
The generated certificate uses the SHA1withRSA signature algorithm which is considered a security risk.
Generating 3,072 bit RSA key pair and self-signed certificate (SHA384withRSA) with a validity of 90 days
for: CN=User
Warning:
The -keyalg option is specified multiple times. All except the last one will be ignored.
Warning:
The issuer uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Warning:
The issuer uses the SHA1withRSA signature algorithm which is considered a security risk.
Warning:
The certificate uses the MD5withRSA signature algorithm which is considered a security risk and is disabled.
Warning:
The certificate uses the SHA1withRSA signature algorithm which is considered a security risk.
Note: /System/Volumes/Data/mesos/work_dir/jib-master/install/jdk-24+10-1044/src.full/open/test/jdk/sun/security/validator/CertReplace.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
Exception in thread "main" sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
at java.base/sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:318)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:256)
at java.base/sun.security.validator.Validator.validate(Validator.java:256)
at java.base/sun.security.validator.Validator.validate(Validator.java:223)
at java.base/sun.security.validator.Validator.validate(Validator.java:199)
at CertReplace.main(CertReplace.java:51)
Caused by: java.security.cert.CertPathValidatorException: validity check failed
at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:224)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:144)
at java.base/sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:83)
at java.base/java.security.cert.CertPathValidator.validate(CertPathValidator.java:309)
at java.base/sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:313)
... 5 more
Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Tue Aug 06 14:41:13 GMT 2024
at java.base/sun.security.x509.CertificateValidity.valid(CertificateValidity.java:178)
at java.base/sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:534)
at java.base/sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)
at java.base/sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
at java.base/sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
... 10 more
----------rerun:(30/3918)*----------
- backported by
-
JDK-8344121 Test sun/security/validator/samedn.sh CertificateNotYetValidException: NotBefore validation
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- links to
-
Commit(master)
openjdk/jdk17u-dev/c15715a5
-
Commit(master)
openjdk/jdk21u-dev/e2daa351
-
Commit(master)
openjdk/jdk/a505a1dd
-
Review(master)
openjdk/jdk17u-dev/3099
-
Review(master)
openjdk/jdk21u-dev/1204
-
Review(master)
openjdk/jdk/20728
(1 backported by, 6 links to)