Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8222136

Remove two Comodo root CA certificates that are expiring

    XMLWordPrintable

Details

    • b21
    • Verified

    Backports

      Description

        The following root certificates (subject DNs below) are expiring on Jul 09 2019:

        1. CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
        2. CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
        3. CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

        The replacement root (for all 3) is "USERTrust RSA Certification Authority" (https://crt.sh/?id=1199354), which is already in the Java root store.

        The first two roots can be safely removed after they expire. However, the 3rd root should be retained since there were many code signing certificates issued that chain back to this root and removing this root could break signed code that was also timestamped and is still in use. In this case, the root CA is still needed in order to properly verify the certificate chain.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8223972 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8223973 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8223974 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8223975 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224102 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224237 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224903 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224929 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224938 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8227164 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8228201 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8228956 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8229683 Remove two Comodo root CA certificates that are expiring

            • P3 - Major loss of function.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8222133 Add temporary exceptions for root certs that are due to expire soon

            • P3 - Major loss of function.
            • Resolved

            Activity

              People

                rhalade Rajan Halade
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: