8225068: Remove DocuSign root certificate that is expiring in May 2020

Reviewed-by: mullan

8225068: Remove DocuSign root certificate that is expiring in May 2020
Reviewed-by: mullan
e16635d0 · rhalade · 8acd5cb1 · 8acd5cb1 · e16635d0
隐藏空白更改
内联并排

Showing with 3 addition and 37 deletion

make/data/cacerts/keynectisrootca make/data/cacerts/keynectisrootca +0 -30

test/sun/security/lib/cacerts/VerifyCACerts.java test/sun/security/lib/cacerts/VerifyCACerts.java +3 -7

未找到文件。
--- a/make/data/cacerts/keynectisrootca
+++ b/make/data/cacerts/keynectisrootca
-Owner: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
-Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
-Serial number: 1121bc276c5547af584eefd4ced629b2a285
-Valid from: Tue May 26 00:00:00 GMT 2009 until: Tue May 26 00:00:00 GMT 2020
-Signature algorithm name: SHA256withRSA
-Subject Public Key Algorithm: 2048-bit RSA key
-Version: 3
-----BEGIN CERTIFICATE-----
-MIID5TCCAs2gAwIBAgISESG8J2xVR69YTu/UztYpsqKFMA0GCSqGSIb3DQEBCwUA
-MEwxCzAJBgNVBAYTAkZSMRIwEAYDVQQKEwlLRVlORUNUSVMxDTALBgNVBAsTBFJP
-T1QxGjAYBgNVBAMTEUtFWU5FQ1RJUyBST09UIENBMB4XDTA5MDUyNjAwMDAwMFoX
-DTIwMDUyNjAwMDAwMFowTDELMAkGA1UEBhMCRlIxEjAQBgNVBAoTCUtFWU5FQ1RJ
-UzENMAsGA1UECxMEUk9PVDEaMBgGA1UEAxMRS0VZTkVDVElTIFJPT1QgQ0EwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG/bMXhaGtJhuVaTUhPaSI+t7b
-YDZAF2nCFGP7uNnCdBU3LpzQIM1pjYQyooVMFLSb8iWzVCqDPy2+D/M7ZNH/oFDv
-d087TuE/C2SFmrpYftLDYtNkJaLUspc8d11jKjOS/M2CDZtUlYf1teuMzVvRyjAv
-yYhGtc0NEbQYj+7RoT5dFegoz9/DkJtszNEMRXezOuuKkB3pr2RqiXupPUN0+uRn
-IqH73E3E9WLJyiW0yYBgM6nde6ACv5YlCl7JXyl7tBeBi22BGdDZg1wFj0FpGmlD
-gJ+or+DpjJGLJyuiJmDND/KkowKDjhiBwheKQxX5bfMdEKRanERhIyF62PvRAgMB
-AAGjgcAwgb0wEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwVwYD
-VR0fBFAwTjBMoEqgSIZGaHR0cDovL3RydXN0Y2VudGVyLWNybC5jZXJ0aWZpY2F0
-Mi5jb20vS2V5bmVjdGlzL0tFWU5FQ1RJU19ST09UX0NBLmNybDAdBgNVHQ4EFgQU
-77cjl9CokX+mz6YhwDSfzHdB4dAwHwYDVR0jBBgwFoAU77cjl9CokX+mz6YhwDSf
-zHdB4dAwDQYJKoZIhvcNAQELBQADggEBABoxaZlCwuVAhaKfksNj1I8hOagZIf56
-/MNNQPMr6EusW0xZk8bcfguvfF+VhWu9x2+6wb74xjpnS5PGBWk+JC3wG5HGPj/s
-QhiTbAMkim75IGcrfG2rNMkqIjMN132P7tI2ZELINZpuGWHLjWfwaKfQJAXmwxe6
-Ra58Q7WAeANNIHMF/EMQnTVpQnWUJYIrpjuQGN7Bqa/zLZW/lafPGJfhWeKirxoW
-YQ33E3FTkzf9PK8AHWyLFK9Gloy2UnzMLU7N4elLCu6a/nqY5ym6G9ocutxrzQQO
-JkCp63M8/lCoESdVvduOS+9PGO0V/72GmGbumiVxNGxQ8bJRy2adTSk=
-----END CERTIFICATE-----
--- a/test/sun/security/lib/cacerts/VerifyCACerts.java
+++ b/test/sun/security/lib/cacerts/VerifyCACerts.java
@@ -26,7 +26,7 @@
 * @test
 * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779
 *      8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136
- *      8223499 8225392 8232019 8234245 8233223
+ *      8223499 8225392 8232019 8234245 8233223 8225068
 * @summary Check root CA entries in cacerts file
 */
 import java.io.ByteArrayInputStream;
@@ -52,12 +52,12 @@ public class VerifyCACerts {
            + File.separator + "security" + File.separator + "cacerts";

    // The numbers of certs now.
-    private static final int COUNT = 93;
+    private static final int COUNT = 92;

    // SHA-256 of cacerts, can be generated with
    // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
    private static final String CHECKSUM
-            = "22:AA:EB:89:4E:A4:EA:25:CA:3E:DA:0F:F1:2B:FA:05:4B:68:C5:E1:3A:F9:03:40:BF:EF:F5:13:7C:CE:BC:60";
+            = "B1:F9:EA:77:B5:21:84:3D:91:90:DD:53:C9:9E:9C:07:62:08:60:74:1D:75:BD:C7:94:B7:5B:AC:DD:49:2C:34";

    // map of cert alias to SHA-256 fingerprint
    @SuppressWarnings("serial")
@@ -152,8 +152,6 @@ public class VerifyCACerts {
                    "69:DD:D7:EA:90:BB:57:C9:3E:13:5D:C8:5E:A6:FC:D5:48:0B:60:32:39:BD:C4:54:FC:75:8B:2A:26:CF:7F:79");
            put("verisignclass3g5ca [jdk]",
                    "9A:CF:AB:7E:43:C8:D8:80:D0:6B:26:2A:94:DE:EE:E4:B4:65:99:89:C3:D0:CA:F1:9B:AF:64:05:E4:1A:B7:DF");
-            put("keynectisrootca [jdk]",
-                    "42:10:F1:99:49:9A:9A:C3:3C:8D:E0:2B:A6:DB:AA:14:40:8B:DD:8A:6E:32:46:89:C1:92:2D:06:97:15:A3:32");
            put("dtrustclass3ca2 [jdk]",
                    "49:E7:A4:42:AC:F0:EA:62:87:05:00:54:B5:25:64:B6:50:E4:F4:9E:42:E3:48:D6:AA:38:E0:39:E9:57:B1:C1");
            put("dtrustclass3ca2ev [jdk]",
@@ -260,8 +258,6 @@ public class VerifyCACerts {
        {
            // Valid until: Tue Jul 09 14:40:36 EDT 2019
            add("utnuserfirstobjectca [jdk]");
-            // Valid until: Tue May 26 00:00:00 GMT 2020
-            add("keynectisrootca [jdk]");
            // Valid until: Sat May 30 10:38:31 GMT 2020
            add("addtrustexternalca [jdk]");
            // Valid until: Sat May 30 10:48:38 GMT 2020