On Tuesday 28 March 2017 11:41 AM, Ed Warnicke wrote: > Anil, > > That's OpenJDK. The cert has to be recognized by Oracle JDK as well. It > is not. > > Ed > > On Mon, Mar 27, 2017 at 6:29 PM, Anil Belur <[email protected]> > wrote: > >> >> Hello Ed, >> >> With a more recent version of JDK shows IdenTrust is available which is >> intermediate CA being used is available in [1.]. >> >> # keytool -list -v -keystore >> /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.121-0.b13.el7_3. >> x86_64/jre/lib/security/cacerts >> | grep 'Issuer:' | grep 'CN=IdenTrust' >> ... >> Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US >> Issuer: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US >> Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. >> >> We would recommend updating the more latest version of JDK, and let us >> know if this resolves the issue. >> >> [1.] https://bugs.openjdk.java.net/browse/JDK-8161008 >> >> Thanks, >> Anil >> >>
Ed, Please refer to output with Oracle JDK (jdk1.8.0_121) below: # /usr/java/jdk1.8.0_121/bin/keytool -list -v -keystore /usr/java/jdk1.8.0_121/jre/lib/security/cacerts | grep 'Issuer:' | egrep '(Iden|DST)' Enter keystore password: Issuer: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US Let us know if this works. My apologies for the confusion. Thanks, Anil
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Discuss mailing list [email protected] https://lists.opendaylight.org/mailman/listinfo/discuss
