diff --git a/clients/src/main/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapper.java b/clients/src/main/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapper.java index cae9e19ad2..078d1217eb 100644 --- a/clients/src/main/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapper.java +++ b/clients/src/main/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapper.java @@ -29,7 +29,6 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.Principal; import java.security.PublicKey; import java.security.SignatureException; import java.security.cert.CertificateEncodingException; @@ -320,9 +319,12 @@ public int getBasicConstraints() { return this.origCertificate.getBasicConstraints(); } + // Suppressing deprecation warning: We must override this deprecated abstract method, + // but we return X500Principal (non-deprecated) via getIssuerX500Principal() + @SuppressWarnings("deprecation") @Override - public Principal getIssuerDN() { - return this.origCertificate.getIssuerDN(); + public X500Principal getIssuerDN() { + return this.origCertificate.getIssuerX500Principal(); } @Override @@ -370,9 +372,12 @@ public byte[] getSignature() { return this.origCertificate.getSignature(); } + // Suppressing deprecation warning: We must override this deprecated abstract method, + // but we return X500Principal (non-deprecated) via getSubjectX500Principal() + @SuppressWarnings("deprecation") @Override - public Principal getSubjectDN() { - return this.origCertificate.getSubjectDN(); + public X500Principal getSubjectDN() { + return this.origCertificate.getSubjectX500Principal(); } @Override diff --git a/clients/src/test/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapperTest.java b/clients/src/test/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapperTest.java index 85ddaf4917..c0a4dd415e 100644 --- a/clients/src/test/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapperTest.java +++ b/clients/src/test/java/org/apache/kafka/common/security/ssl/CommonNameLoggingTrustManagerFactoryWrapperTest.java @@ -122,7 +122,7 @@ void testNeverExpiringX509Certificate() throws Exception { wrappedCert.hasUnsupportedCriticalExtension()); // We have just generated a valid test certificate, it should still be valid now assertEquals(cert.getBasicConstraints(), wrappedCert.getBasicConstraints()); - assertEquals(cert.getIssuerDN(), wrappedCert.getIssuerDN()); + assertEquals(cert.getIssuerX500Principal(), wrappedCert.getIssuerDN()); assertEquals(cert.getIssuerUniqueID(), wrappedCert.getIssuerUniqueID()); assertEquals(cert.getKeyUsage(), wrappedCert.getKeyUsage()); assertEquals(cert.getNotAfter(), wrappedCert.getNotAfter()); @@ -132,7 +132,7 @@ void testNeverExpiringX509Certificate() throws Exception { assertEquals(cert.getSigAlgOID(), wrappedCert.getSigAlgOID()); assertArrayEquals(cert.getSigAlgParams(), wrappedCert.getSigAlgParams()); assertArrayEquals(cert.getSignature(), wrappedCert.getSignature()); - assertEquals(cert.getSubjectDN(), wrappedCert.getSubjectDN()); + assertEquals(cert.getSubjectX500Principal(), wrappedCert.getSubjectDN()); assertEquals(cert.getSubjectUniqueID(), wrappedCert.getSubjectUniqueID()); assertArrayEquals(cert.getTBSCertificate(), wrappedCert.getTBSCertificate()); assertEquals(cert.getVersion(), wrappedCert.getVersion());