On Tue, 2 May 2023 21:11:09 GMT, Jiangli Zhou <jian...@openjdk.org> wrote:
>> Thanks for the explanation. Please file a different issue for this change, >> since it is outside the scope of this issue, which is to specifically add >> new roots that have been approved by the Java SE CA Root Program processes. >> Updated roots, even for small changes such as this, should be handled and >> approved using an equivalent process. > > Reverted src/java.base/share/data/cacerts/globalsigneccrootcar4 in this PR. > Looks like the update for "globalsigneccrootcar4 [jdk]" in > test/jdk/sun/security/lib/cacerts/VerifyCACerts.java also needs to be > reverted, otherwise the test fails with the following error. I'll go ahead > and revert that as well. > > > ERROR: wrong > checksum72:03:89:C2:7B:BF:87:87:E1:65:44:6E:43:5C:65:FF:B5:E8:F9:4C:8A:D1:63:6D:D1:91:4C:AD:1C:9A:CB:3B > Expected > checksum23:6E:7A:1C:37:AD:82:31:FD:32:E8:31:63:4B:1A:88:BA:1A:4D:F6:D3:91:CD:0F:B4:09:EC:55:9A:B2:01:51 > ERROR: globalsigneccrootcar4 [jdk] SHA-256 fingerprint is incorrect > java.lang.RuntimeException: At least one cacert test failed > at VerifyCACerts.main(VerifyCACerts.java:380) > at > java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) > at java.base/java.lang.reflect.Method.invoke(Method.java:578) > at > com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138) > at java.base/java.lang.Thread.run(Thread.java:1592) Done. Also updated 'CHECKSUM' value in test/jdk/sun/security/lib/cacerts/VerifyCACerts.java reflectively. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/13754#discussion_r1183075098
