Skip to content

Fix Issue 7197: Invalid No X509Certificate found WARNING spam from CertificateRealm#7913

Open
dx-coding wants to merge 5 commits intopayara:mainfrom
dx-coding:issue-7197
Open

Fix Issue 7197: Invalid No X509Certificate found WARNING spam from CertificateRealm#7913
dx-coding wants to merge 5 commits intopayara:mainfrom
dx-coding:issue-7197

Conversation

@dx-coding
Copy link

@dx-coding dx-coding commented Jan 29, 2026

Description

Fixed a bug in CertificateRealm.getCertificateFromSubject() where the method was incorrectly matching certificates against the IssuerX500Principal instead of the SubjectX500Principal.

According to the method name and its purpose, it should match against the certificate's subject (the entity the certificate is issued to), not the issuer (the CA that signed the certificate).

Important Info

Blockers

N/A

Testing

New tests

Created new test nucleus/security/core/src/test/java/com/sun/enterprise/security/auth/realm/certificate/CertificateRealmTest.java

Testing Performed

Ran mvn test -Dtest=CertificateRealmTest -pl nucleus/security/core successfully
Verified the fix correctly identifies certificates by their subject rather than issuer

Testing Environment

Ubuntu 22.04, Maven 3.6.3, JDK 21.0.7

Documentation

Closes #7197

Notes for Reviewers

N/A

@kalinchan kalinchan added the PR: Awaiting CLA Contributor does not have a CLA or has submitted an unconfirmed CLA. label Jan 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

PR: Awaiting CLA Contributor does not have a CLA or has submitted an unconfirmed CLA.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bug Report: Invalid No X509Certificate found WARNING spam from CertificateRealm

3 participants

@dx-coding @bdrx312 @kalinchan