Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6520740

cacerts contains an expired certificate

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 6
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      Scenario: Use keytool to list the contents of <JAVA_HOME>/jre/lib/security/cacerts and check if any certificates have expired

      Expected Outcome: No certificate should be expired.

      Actual Outcome: One certificate has expired. Details are below:

      Alias name: gtecybertrustca
      Creation date: 10-May-2002
      Entry type: trustedCertEntry

      Owner: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
      Issuer: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
      Serial number: 1a3
      Valid from: Sat Feb 24 04:31:00 IST 1996 until: Fri Feb 24 05:29:00 IST 2006
      Certificate fingerprints:
      MD5: C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
      SHA1: 90:DE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
      Signature algorithm name: MD5withRSA
      Version: 1

      Steps to reproduce:

      1. Install the above specified java build and set PATH to java executable

      2. Execute the below command:
         >>keytool -list -v -keystore <JAVA_HOME>/jre/lib/security/cacerts -storepass changeit > cacerts.txt 2>&1

      cacerts.txt indicates that the aforementioned certificate is expired.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mullan Sean Mullan
                Reporter:
                elarsen Erik Larsen (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: