bcc-ing jdk-dev. Please followup on security-dev (copied) if you have
further replies.
Thanks for your post.
New root CA requests must be initiated by the CA using the process at [1].
That said, Harica has already applied for adding their 2021 roots and
their application is being processed.
--Sean
[1]: https://www.oracle.com/java/technologies/javase/carootcertsprogram.html
On 2/12/26 3:32 AM, Jean-René Rouet wrote:
Hi everyone,
In the European public research community, we rely on the Harica.gr
certificate authority to manage our server X.509 certificates.
I recently discovered that the Harica.gr root certificate has not been
included in OpenJDK since February 2021 (across all recent versions),
even though it remains present in commonly used operating systems and
browsers.
Given our requirements, we specifically need support for the 2021
certificate versions.
While manually adding the certificate via the keytool command is
possible, would it be feasible to integrate it directly into OpenJDK?
Thank you for your attention to this matter.
Best regards,
Jean-René ROUET
CNRS
