On Thu, 3 Apr 2025 20:30:33 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> Matthew Donovan has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains seven commits: >> >> - reversed order of DN strings when making certificates. >> - Merge branch 'master' into certbuilder >> - Merge branch 'master' into certbuilder >> - Merge branch 'master' into certbuilder >> - Merge branch 'master' into certbuilder >> - changed boolean array initialization >> - 8325766: Review seclibs tests for cert expiry > > test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java line > 243: > >> 241: .addBasicConstraintsExt(false, false, -1) >> 242: >> .addExtension(CertificateBuilder.createIPSubjectAltNameExt(true, >> "127.0.0.1")) >> 243: .build(trustedCert, caKeys.getPrivate(), "MD5WithRSA"); > > MD5 algorithm is not allowed in TLSv1.3 I'll address this in [JDK-8353738](https://bugs.openjdk.org/browse/JDK-8353738) ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23700#discussion_r2050704560
