Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6520740

cacerts contains an expired certificate

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 6
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      Scenario: Use keytool to list the contents of <JAVA_HOME>/jre/lib/security/cacerts and check if any certificates have expired

      Expected Outcome: No certificate should be expired.

      Actual Outcome: One certificate has expired. Details are below:

      Alias name: gtecybertrustca
      Creation date: 10-May-2002
      Entry type: trustedCertEntry

      Owner: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
      Issuer: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
      Serial number: 1a3
      Valid from: Sat Feb 24 04:31:00 IST 1996 until: Fri Feb 24 05:29:00 IST 2006
      Certificate fingerprints:
      MD5: C4:D7:F0:B2:A3:C5:7D:61:67:F0:04:CD:43:D3:BA:58
      SHA1: 90:DE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
      Signature algorithm name: MD5withRSA
      Version: 1

      Steps to reproduce:

      1. Install the above specified java build and set PATH to java executable

      2. Execute the below command:
         >>keytool -list -v -keystore <JAVA_HOME>/jre/lib/security/cacerts -storepass changeit > cacerts.txt 2>&1

      cacerts.txt indicates that the aforementioned certificate is expired.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              elarsen Erik Larsen (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: