On Wed, 2 Nov 2022 08:24:37 GMT, Rajan Halade <rhal...@openjdk.org> wrote:
>> This fix adds Certigna root CA to cacerts trust store. > > Rajan Halade has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the merge/rebase. The pull request contains six additional > commits since the last revision: > > - Merge branch 'openjdk:master' into 8247698-certigna > - Merge branch 'master' into 8247698-certigna > - remove control-M characters > - Added Certigna CA cert and updated VerifyCACerts.java test > - Merge remote-tracking branch 'origin/master' into 8247698-certigna > - 8247698: Evaluate the inclusion of DHIMYOTIS (certigna) roots src/java.base/share/data/cacerts/certignaca line 5: > 3: Serial number: fedce3010fc948ff > 4: Valid from: Fri Jun 29 15:13:05 GMT 2007 until: Tue Jun 29 15:13:05 GMT > 2027 > 5: Signature algorithm name: SHA1withRSA (weak) Don't include "(weak)" in this line. The signature algorithm of root certificates is not a security issue, since the certificate fingerprint has been verified and the public key is trusted directly. ------------- PR: https://git.openjdk.org/jdk/pull/10030
