8241003: Deprecate "denigrated" java.security.cert APIs that represent DNs as Principal or String objects

Reviewed-by: xuelei, valeriep, weijun
2025-08-28 15:24:43 +02:00 · 2020-08-26 13:31:10 -04:00 · 2020-08-26 13:31:10 -04:00 · f879698c63
commit f879698c63
parent 0df797de94
16 changed files with 115 additions and 105 deletions
--- a/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
+++ b/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
@ -93,7 +93,7 @@ public class AnchorCertificates {
        boolean result = certs.contains(key);
        if (result && debug != null) {
            debug.println("AnchorCertificate.contains: matched " +
-                    cert.getSubjectDN());
+                    cert.getSubjectX500Principal());
        }
        return result;
    }
--- a/src/java.base/share/classes/sun/security/util/HostnameChecker.java
+++ b/src/java.base/share/classes/sun/security/util/HostnameChecker.java
@ -242,6 +242,7 @@ public class HostnameChecker {
     *
     * This method is currently used from within JSSE, do not remove.
     */
+    @SuppressWarnings("deprecation")
    public static X500Name getSubjectX500Name(X509Certificate cert)
            throws CertificateParsingException {
        try {