Hello, Please review the following changeset for JDK 7u6: http://cr.openjdk.java.net/~vinnie/7168191/
The bug report is at: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7168191 This fix addresses a bug in the OCSP client when processing key-rollover certs. Typically such certs have the same subject name but different keys. Now the OCSP code examines all the matching candidates (not just the first one) both when preparing the request and when validating the response. Thanks.
