Type: CSR
Resolution: Unresolved
Priority: P3
Component/s: security-libs
Compatibility Kind: behavioral
Compatibility Risk: minimal
Compatibility Risk Description: This is in line with similar plans that have been previously announced by Google and Mozilla.
Interface Kind: System or security property
Scope: JDK
Summary
Distrust TLS server certificates issued after March 17, 2026 and anchored by the Chunghwa ePKI Root CA.
Problem
Google [1] and Mozilla [2] distrust TLS server certificates anchored by the Chunghwa ePKI Root CA if they were issued after a specific date.
[1] https://security.googleblog.com/2025/05/sustaining-digital-certificate-security-chrome-root-store-changes.html
[2] https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/uYAm_c_pfos/m/Pz5m5PAZBwAJ
Solution
The JDK will stop trusting TLS server certificates issued after March 17, 2026 and anchored by the Chunghwa ePKI Root CA, in line with similar plans announced by Google and Mozilla.
TLS server certificates issued on or before March 17, 2026 will continue to be trusted until they expire. Certificates issued after that date will be rejected.
The restrictions will be enforced in the JDK implementation (the SunJSSE provider) of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the list below and the certificate was issued after March 17, 2026.
An application will receive an exception whose message indicates that the trust anchor is not trusted, for example:
"TLS server certificate issued after 2026-03-17 and anchored by a distrusted legacy Chunghwa root CA: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW"
Specification
The policy will be enabled by adding CHUNGHWA_TLS to the jdk.security.caDistrustPolicies security property in the java.security configuration file. If enabled, this policy is enforced by the PKIX and SunX509 TrustManager implementations of the SunJSSE provider implementation.
There is one Chunghwa root that will be distrusted:
- cacerts alias: chunghwaepkirootca
  DN: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
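The following program is an added illustration and is not JDK code: it does not reproduce the SunJSSE TrustManager implementation, it only mirrors the rule stated in this CSR so that an operator can check, before upgrading, whether the CHUNGHWA_TLS policy is enabled in the running JDK's java.security, whether the chunghwaepkirootca alias is present in its cacerts, and whether a given server chain (read from a PEM file, leaf first) would be rejected. The class and method names, the PEM-file argument, and the use of the leaf certificate's notBefore as its issue date are assumptions of this example.

```java
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.time.LocalDate;
import java.time.ZoneOffset;
import java.util.Arrays;
import java.util.Date;
import java.util.List;

/**
 * Operator pre-check for the CHUNGHWA_TLS distrust policy described in the CSR.
 * Added example, not JDK code: the JDK enforces the rule inside the SunJSSE
 * TrustManagers; this class only mirrors the stated rule.
 */
public class ChunghwaDistrustCheck {

    // Values taken from the CSR text.
    static final String POLICY_NAME = "CHUNGHWA_TLS";
    static final String CACERTS_ALIAS = "chunghwaepkirootca";
    static final LocalDate CUTOFF = LocalDate.of(2026, 3, 17);

    /** True if CHUNGHWA_TLS is listed in the jdk.security.caDistrustPolicies security property. */
    static boolean policyEnabled() {
        String prop = Security.getProperty("jdk.security.caDistrustPolicies");
        if (prop == null) return false;
        return Arrays.stream(prop.split(","))
                .map(String::trim)
                .anyMatch(POLICY_NAME::equalsIgnoreCase);
    }

    /** Loads the Chunghwa root from the running JDK's cacerts, or null if the alias is absent. */
    static X509Certificate loadChunghwaRoot() throws Exception {
        File cacerts = new File(System.getProperty("java.home"), "lib/security/cacerts");
        // No password is needed to read trusted certificates; the store type is auto-detected.
        KeyStore ks = KeyStore.getInstance(cacerts, (char[]) null);
        return (X509Certificate) ks.getCertificate(CACERTS_ALIAS);
    }

    /**
     * Applies the CSR's rule to a server chain: rejected when the chain is anchored
     * by the given root and the leaf was issued after the cutoff date.
     * Assumption of this example: the leaf's notBefore is taken as its issue date.
     */
    static boolean wouldBeRejected(X509Certificate[] chain, X509Certificate root) {
        if (chain == null || chain.length == 0 || root == null) return false;
        X509Certificate leaf = chain[0];
        X509Certificate last = chain[chain.length - 1];
        // Anchored by the root if the root itself is in the chain or issued its last element.
        boolean anchored = Arrays.stream(chain).anyMatch(root::equals)
                || last.getIssuerX500Principal().equals(root.getSubjectX500Principal());
        if (!anchored) return false;
        // "After March 17, 2026" means an issue date of March 18, 2026 00:00 UTC or later.
        Date firstRejectedInstant =
                Date.from(CUTOFF.plusDays(1).atStartOfDay(ZoneOffset.UTC).toInstant());
        return !leaf.getNotBefore().before(firstRejectedInstant);
    }

    /** Usage: java ChunghwaDistrustCheck [chain.pem]  (PEM file with the leaf certificate first). */
    public static void main(String[] args) throws Exception {
        System.out.println(POLICY_NAME + " enabled in java.security: " + policyEnabled());
        X509Certificate root = loadChunghwaRoot();
        System.out.println("cacerts alias " + CACERTS_ALIAS + " present: " + (root != null));
        if (root != null) {
            System.out.println("  subject: " + root.getSubjectX500Principal());
        }
        if (args.length == 1 && root != null) {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            List<X509Certificate> certs;
            try (FileInputStream in = new FileInputStream(args[0])) {
                certs = cf.generateCertificates(in).stream()
                        .map(c -> (X509Certificate) c)
                        .toList();
            }
            X509Certificate[] chain = certs.toArray(new X509Certificate[0]);
            System.out.println("chain would be rejected under " + POLICY_NAME + ": "
                    + wouldBeRejected(chain, root));
        }
    }
}
```

Run it with the JDK whose trust decisions you care about, since both the security property and the cacerts contents are read from that installation's java.home. A chain reported as rejected here is one whose leaf was issued after the cutoff and whose anchor is the Chunghwa ePKI root; replacing that server certificate with one chaining to a different, trusted root is the remediation the CSR implies.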
CSR of: JDK-8369282 Distrust TLS server certificates anchored by Chunghwa ePKI Root CA (In Progress)