Re: [servlet-dev] Help please -- Servlet TCK test issue

[arjan tijms <arjan.tijms@xxxxxxxxx>]

Hi,

On Wed, Mar 3, 2021 at 12:16 PM Stuart Douglas <sdouglas@xxxxxxxxxx> wrote:

What certs are actually being used? Maybe the certs are super old/insecure.

They are here, and have been updated relatively recently:

https://github.com/eclipse-ee4j/jakartaee-tck/tree/master/install/jakartaee/bin/certificates

$ keytool -list -v -keystore clientcert.jks

Enter keystore password:  

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

Alias name: cts

Creation date: 23 Dec 2019

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

Owner: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US

Issuer: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US

Serial number: 68deca39

Valid from: Mon Dec 23 07:21:39 CET 2019 until: Sat Aug 13 08:21:39 CEST 2044

Certificate fingerprints:

SHA1: 34:07:E8:84:5B:5D:FC:DE:58:05:E6:2C:E2:85:76:BF:F7:CD:4B:E1

SHA256: 2D:C2:51:F7:35:45:6D:6E:9C:AE:D7:9C:EA:21:92:C6:17:6C:A2:A8:09:A8:50:22:AC:9C:02:68:94:C9:F1:DF

Signature algorithm name: SHA256withRSA

Subject Public Key Algorithm: 2048-bit RSA key

Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: D6 86 B4 6D AB 78 A9 0E   CB 85 F9 AD F6 AC 79 9D  ...m.x........y.

0010: 30 C7 67 61                                        0.ga

]

]

*******************************************

*******************************************