[jboss-jira] [JBoss JIRA] (WFCORE-5004) TlsTestCase#testReloadTrustManager fails on IBM Java 8

Sonia Zaldana (Jira) issues at jboss.org
Wed Jun 17 09:24:04 EDT 2020 

    [ https://issues.redhat.com/browse/WFCORE-5004?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14162875#comment-14162875 ] 

Sonia Zaldana commented on WFCORE-5004:
---------------------------------------

When the X500Principal is extracted from the X509Certificate, it contains the email address in encoded form in the canonical representation, so we need to use getName() instead which will use the RFC 2253 representation.

> TlsTestCase#testReloadTrustManager fails on IBM Java 8
> ------------------------------------------------------
>
>                 Key: WFCORE-5004
>                 URL: https://issues.redhat.com/browse/WFCORE-5004
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 13.0.0.Beta1
>            Reporter: Ondrej Kotek
>            Assignee: Sonia Zaldana
>            Priority: Major
>
> TlsTestCase#testReloadTrustManager fails on IBM Java 8 at [TlsTestCase.java#L439|https://github.com/wildfly/wildfly-core/blob/master/elytron/src/test/java/org/wildfly/extension/elytron/TlsTestCase.java#L439] reporting the same DN. When I try to compare using canonical names, there is a difference. Using RFC1779 or RFC2253 names is ok.
> {noformat}
> Assert.assertEquals(originalFoundDN.getIssuerX500Principal().getName(X500Principal.CANONICAL), ISSUER_DN.getName(X500Principal.CANONICAL));
> [ERROR]   TlsTestCase.testReloadTrustManager:439 expected:<....2.840.113549.1.9.1=[#1613656c7974726f6e4077696c64666c792e6f7267],c=uk,st=elytron,cn=...> but was:<....2.840.113549.1.9.1=[elytron at wildfly.org],c=uk,st=elytron,cn=...>
> {noformat}
> Is it just a test issue, or can there be an impact on functionality? In case it's just a test issue, can we assert equality of names? I.e.
> {noformat}
> Assert.assertEquals(originalFoundDN.getIssuerX500Principal().getName(), ISSUER_DN.getName());
> {noformat}
> The same for [TlsTestCase.java#L465|https://github.com/wildfly/wildfly-core/blob/master/elytron/src/test/java/org/wildfly/extension/elytron/TlsTestCase.java#L465] then.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list