-
Sub-task
-
Resolution: Unresolved
-
P4
-
None
-
None
-
None
From ForwardBuilder when JDK tries to get and print matching certificates, there are multiple lines for a single cert.
e.g
certpath: ForwardBuilder.getMatchingEECerts()...
certpath: X509CertSelector.match(SN: 1b00040127395d900b55605c31000100040127
Issuer: CN=DOSMSSUBCA, DC=dos, DC=state, DC=gov
Subject: CN=CaSoaClassSbx.ca.state.sbu, OU=CLASS Project Team, O=SOSI, L=Rosslyn, ST=Virginia, C=US)
certpath: X509CertSelector.match returning: true
certpath: X509CertSelector.match(SN: cf08e5c0816a5ad427ff0eb271859d0
Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US)
certpath: X509CertSelector.match: certs don't match
certpath: X509CertSelector.match(SN: cf08e5c0816a5ad427ff0eb271859d0
Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US)
certpath: X509CertSelector.match: subject DNs don't match
Can it be improvised to just print serial number (SN) of the certificate as already the certs are printed in debug mode.
So based on SN it can be backtrack.
e.g.
certpath: X509CertSelector.match: found match cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>
certpath: X509CertSelector.match: not found match cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>
certpath: X509CertSelector.match: subject DNs don't match for cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>
e.g
certpath: ForwardBuilder.getMatchingEECerts()...
certpath: X509CertSelector.match(SN: 1b00040127395d900b55605c31000100040127
Issuer: CN=DOSMSSUBCA, DC=dos, DC=state, DC=gov
Subject: CN=CaSoaClassSbx.ca.state.sbu, OU=CLASS Project Team, O=SOSI, L=Rosslyn, ST=Virginia, C=US)
certpath: X509CertSelector.match returning: true
certpath: X509CertSelector.match(SN: cf08e5c0816a5ad427ff0eb271859d0
Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US)
certpath: X509CertSelector.match: certs don't match
certpath: X509CertSelector.match(SN: cf08e5c0816a5ad427ff0eb271859d0
Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US)
certpath: X509CertSelector.match: subject DNs don't match
Can it be improvised to just print serial number (SN) of the certificate as already the certs are printed in debug mode.
So based on SN it can be backtrack.
e.g.
certpath: X509CertSelector.match: found match cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>
certpath: X509CertSelector.match: not found match cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>
certpath: X509CertSelector.match: subject DNs don't match for cert SN: 1b000401 27395d90 0b55605c 31000100 040127 from <truststore name>