Alex Rudyy created QPID-8281:
--------------------------------
Summary: [Broker-J] Regenerate test keystores and trustores
containing RSA 1024bit keys
Key: QPID-8281
URL: https://issues.apache.org/jira/browse/QPID-8281
Project: Qpid
Issue Type: Test
Components: Java Tests
Reporter: Alex Rudyy
Fix For: qpid-java-broker-7.1.2, qpid-java-broker-7.0.8,
qpid-java-broker-8.0.0
Unit and integration tests operating with pre-generated test key-stores are
failing with newer JDKs like openjdk-1.8.0.201.b09-2 due to deprecation of RSA
1024bit keys:
{noformat}
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints
check failed on keysize limits. RSA 1024bit key used with certificate:
CN=MyRootCA, O=ACME, ST=Ontario, C=CA. Usage was tls server
at
sun.security.util.DisabledAlgorithmConstraints$KeySizeConstraint.permits(DisabledAlgorithmConstraints.java:817)
at
sun.security.util.DisabledAlgorithmConstraints$Constraints.permits(DisabledAlgorithmConstraints.java:419)
at
sun.security.util.DisabledAlgorithmConstraints.permits(DisabledAlgorithmConstraints.java:167)
at
sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:332)
at
sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1222)
{noformat}
Test kestores and key materials based on RSA 1024bit keys need to be re-created
with stronger RSA keys
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
