-
Type:
Sub-task
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: None
-
Component/s: security-libs
-
None
-
Fix Understood
The tools and KeyStore APIs has been updated to warn users when legacy JKS and JCEKS keystores are used, as they use outdated cryptographic algorithms and will be removed in a future release. Users are advised to migrate to the PKCS12 keystore using the keytool -importkeystore command.
The following changes have been made:
The existing warning emitted by the keytool tool has been updated to warn the removal of the JKS and JCEKS keystores.
The jarsigner tool has been updated to emit a warning when JKS or JCEKS keystores are used.
The KeyStore.load() and KeyStore.store() APIs have been updated to emit a debug warning when operating on JKS or JCEKS keystores and the java.security.debug=keystore is enabled.
All warnings inform the user that JKS and JCEKS use outdated cryptographic algorithms and will be removed in a future release. Users are advised to migrate to the PKCS12 keystore.
The following changes have been made:
The existing warning emitted by the keytool tool has been updated to warn the removal of the JKS and JCEKS keystores.
The jarsigner tool has been updated to emit a warning when JKS or JCEKS keystores are used.
The KeyStore.load() and KeyStore.store() APIs have been updated to emit a debug warning when operating on JKS or JCEKS keystores and the java.security.debug=keystore is enabled.
All warnings inform the user that JKS and JCEKS use outdated cryptographic algorithms and will be removed in a future release. Users are advised to migrate to the PKCS12 keystore.