Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8168868

Add additional admin-level documentation for trusted certs not being "disabled"

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P3
    • 15
    • None
    • docs

    Description

      This is a companion bug to JDK-8168822. I think this information needs to be done throughout our Eco-sphere, especially where admins might go looking. The term "AlgorithmConstraints" won't mean much to an admin looking to figure out why a cert with a disabled algorithm was accepted.

      I looked in what I thought would be the "obvious/expected places" below, but didn't find anything. Some suggestions might be:
          
          <java-home>/conf/security/java.security (addressed in JDK-8168822)

          https://www.java.com/en/jre-jdk-cryptoroadmap.html

          http://www.oracle.com/technetwork/java/javase/8u71-relnotes-2773756.html#newft

          JPG blog
             (i.e. an article like https://blogs.oracle.com/java-platform-group/entry/strengthening_signatures)

          JSSE Ref Guide troubleshooting

          CertPath (if not already there)

      Attachments

        Issue Links

          Activity

            People

              rgallard Raymond Gallardo
              wetmore Bradford Wetmore
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: