Add subject alt to JKS store and re-enable OkHttp SSL tests

Closes spring-projectsgh-35106

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/client/ClientHttpRequestFactoriesOkHttp3Tests.java

@@ -19,7 +19,6 @@
 import java.io.File;
 
 import okhttp3.OkHttpClient;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
 import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
@@ -67,9 +66,4 @@ protected long readTimeout(OkHttp3ClientHttpRequestFactory requestFactory) {
 		return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
 	}
 
-	@Override
-	@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
-	void connectWithSslBundle() throws Exception {
-	}
-
 }

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/client/ClientHttpRequestFactoriesOkHttp4Tests.java

@@ -19,7 +19,6 @@
 import java.io.File;
 
 import okhttp3.OkHttpClient;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
 import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
@@ -65,9 +64,4 @@ protected long readTimeout(OkHttp3ClientHttpRequestFactory requestFactory) {
 		return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
 	}
 
-	@Override
-	@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
-	void connectWithSslBundle() throws Exception {
-	}
-
 }

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java

@@ -458,7 +458,7 @@ void sslKeyAlias() throws Exception {
 				new ExampleServlet(true, false), "/hello");
 		this.webServer = factory.getWebServer(registration);
 		this.webServer.start();
-		TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("3a3aaec8");
+		TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("6454C1DC");
 		SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
 		PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
 			.setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
@@ -1628,7 +1628,7 @@ private SerialNumberValidatingTrustSelfSignedStrategy(String serialNumber) {
 		@Override
 		public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
 			String hexSerialNumber = chain[0].getSerialNumber().toString(16);
-			boolean isMatch = hexSerialNumber.equals(this.serialNumber);
+			boolean isMatch = hexSerialNumber.equalsIgnoreCase(this.serialNumber);
 			return super.isTrusted(chain, authType) && isMatch;
 		}