JDK-8194693 : jdk considers one of its own root certificates insufficiently secure
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Closed
  • Resolution: Not an Issue
  • Submitted: 2018-01-06
  • Updated: 2018-01-19
  • Resolved: 2018-01-09
Related Reports
Relates :  
Relates :  
One of the root certificates in the cacerts file doesn't pass the jdk's own security tests:

~/jdk/jdk11/bin/keytool -importkeystore -srckeystore src/java.base/share/lib/security/cacerts -srcstorepass changeit -destkeystore /tmp/t1.jks -deststorepass changeit 

Import command completed:  80 entries successfully imported, 0 entries failed or cancelled

<gtecybertrustglobalca [jdk]> uses the MD5withRSA signature algorithm which is considered a security risk.

Thanks, Weijun, that's starting to make sense to me. One of the reasons we ordinary users might be confused is because we're thinking of "keystore conversion" where the old and new data is of equal value, but you security experts are probably thinking of the target keystore as a valuable property that must be carefully guarded.

Martin, keytool will not show this warning on an existing trusted cert. Precisely: 1) "keytool -importcert -trustcacerts" if the new cert chains to a root CA cert using a weak alg 2) if the cert using a weak alg is a TrustedCertificateEntry already in the current working keystore In your case, you are importing certs from one keystore to another, so the cert using MD5withRSA is still not in the current working keystore (i.e. destkeystore) yet and considered a "new" cert. I think a warning is reasonable here because new certs should not use that algorithm anymore. After the import, the cert becomes "old" and you will see "keytool -list" does not show the warning anymore.

Thanks, Sean. Feel free to close this as Working as Intended. I would probably drop such certs more aggressively, if only to prevent Fear and Uncertainty.

The "gtecybertrustglobalca [jdk]" certificate is due to expire soon and be removed. However, the signature of root certificates bundled with the JDK is not critical to security. The fingerprints of root certificates are manually checked before they are added to the JDK. Once in the JDK, the keys are trusted by default by being part of the installed JDK, and the signature algorithm doesn't matter. But one should still make that trust decision on their own; hence the warning.