The default encryption algorithms used in a PKCS #12 keystore have been updated. The new algorithms are based on AES-256 and SHA-256 and are stronger than the old algorithms that were based on RC2, DESede, and SHA-1. See the security properties starting with `keystore.pkcs12` in the `java.security` file for detailed information.

For compatibility, a new system property named `keystore.pkcs12.legacy` is defined that will revert the algorithms to use the older, weaker algorithms. There is no value defined for this property.