Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8243559 Remove root certificates with 1024-bit keys
  3. JDK-8256902

Release Note: Removed Root Certificates with 1024-bit Keys

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Delivered
    • Icon: P3 P3
    • 16
    • 7u311, 8u301, 11.0.12-oracle, 16
    • security-libs
    •  

        The following root certificates with weak 1024-bit RSA public keys have been removed from the `cacerts` keystore:
        ```
        + alias name "thawtepremiumserverca [jdk]"
          Distinguished Name: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

        + alias name "verisignclass2g2ca [jdk]"
          Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

        + alias name "verisignclass3ca [jdk]"
          Distinguished Name: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

        + alias name "verisignclass3g2ca [jdk]"
          Distinguished Name: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

        + alias name "verisigntsaca [jdk]"
          Distinguished Name: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA

        ```

              mullan Sean Mullan
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: