From 2e51fd6dce6a06169207f4cc66bce1665587b372 Mon Sep 17 00:00:00 2001
From: Rudy De Busscher <rudy.de.busscher@payara.fish>
Date: Sat, 2 Nov 2019 12:10:02 +0100
Subject: [PATCH] Log expired certificates as warning

---
 .../enterprise/security/ssl/impl/SecuritySupportImpl.java   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java b/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java
index 060e204571e..ad8693d0ccf 100644
--- a/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java
+++ b/nucleus/security/ssl-impl/src/main/java/com/sun/enterprise/security/ssl/impl/SecuritySupportImpl.java
@@ -45,7 +45,7 @@
 import static java.util.Arrays.copyOf;
 import static java.util.logging.Level.FINE;
 import static java.util.logging.Level.FINEST;
-import static java.util.logging.Level.SEVERE;
+import static java.util.logging.Level.WARNING;
 
 import java.io.BufferedInputStream;
 import java.io.FileInputStream;
@@ -118,7 +118,7 @@ public class SecuritySupportImpl extends SecuritySupport {
 
     protected static final Logger _logger = Logger.getLogger(SEC_SSL_LOGGER, SHARED_LOGMESSAGE_RESOURCE);
 
-    @LogMessageInfo(message = "The SSL certificate has expired: {0}", level = "SEVERE", cause = "Certificate expired.", action = "Check the expiration date of the certicate.")
+    @LogMessageInfo(message = "The SSL certificate has expired: {0}", level = "WARNING", cause = "Certificate expired.", action = "Check the expiration date of the certificate.")
     private static final String SSL_CERT_EXPIRED = "NCLS-SECURITY-05054";
 
     private static final String DEFAULT_KEYSTORE_PASS = "changeit";
@@ -569,7 +569,7 @@ private void checkCertificateDates(KeyStore keyStore) throws KeyStoreException {
             Certificate certificate = keyStore.getCertificate(aliases.nextElement());
             if (certificate instanceof X509Certificate) {
                 if (((X509Certificate) certificate).getNotAfter().before(initDate)) {
-                    _logger.log(SEVERE, SSL_CERT_EXPIRED, certificate);
+                    _logger.log(WARNING, SSL_CERT_EXPIRED, certificate);
                 }
             }
         }