-
Enhancement
-
Resolution: Unresolved
-
P3
-
None
The current security warning should be changed/improved and simplified to note that:
- the algorithms that the JKS and JCEKS keystores are outdated
- the JKS and JCEKS types will be removed in a future release
The proposed new warning is:
"JKS uses outdated cryptographic algorithms and will be removed in a future release. Migrate to PKCS12 using:
keytool -importkeystore -srckeystore <filename> -destkeystore <filename> -deststoretype pkcs12"
- Substitute JKS with JCEKS for JCEKS keystores
- Replace <filename> with the filename of the keystore
- the algorithms that the JKS and JCEKS keystores are outdated
- the JKS and JCEKS types will be removed in a future release
The proposed new warning is:
"JKS uses outdated cryptographic algorithms and will be removed in a future release. Migrate to PKCS12 using:
keytool -importkeystore -srckeystore <filename> -destkeystore <filename> -deststoretype pkcs12"
- Substitute JKS with JCEKS for JCEKS keystores
- Replace <filename> with the filename of the keystore
- relates to
-
JDK-8329251 Print custom truststore/ keystore name
-
- Open
-
- links to
-
Review(master)
openjdk/jdk/27624