On Thu, 5 Jun 2025 19:00:27 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Make the test run on TLSv1.3 > > test/jdk/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java line > 1: > >> 1: /* > > Are these changes relevant to this issue? It doesn't use a SunX509 > TrustManager AFAICT. You mean `SunX509` KeyManager? All these existing tests I'm modifying in this PR are using it together with the certificates signed with `MD5withRSA` algorithm. That's why they fail when we add algorithm constraints to SunX509KeyManagerImpl - MD5 is not allowed in TLSv1.3. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/25016#discussion_r2133073579
