The JDK implementation (as supplied by the SUN provider) of `X509Certificate::getSubjectAlternativeNames`, `X509Certificate::getIssuerAlternativeNames` and `X509Certificate::getExtendedKeyUsage` now throws `CertificateParsingException` instead of returning `null` when the extension is non-critical and unparseable (badly encoded or contains invalid values). This change in behavior is compliant with the specification of these methods.