JDK-8207258 : Distrust TLS server certificates anchored by Symantec Root CAs
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8,11,12
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-07-13
  • Updated: 2019-09-04
  • Resolved: 2018-12-11
Fix versions
  • JDK 11: 11.0.3 (Fixed)
  • JDK 12: 12 b24 (Fixed)
  • JDK 7: 7u221 (Fixed)
  • JDK 8: 8u211 (Fixed)
  • Other: openjdk7u (Fixed)
Sub Tasks
JDK-8215012 :  
Description
Google [1], Mozilla [2], Apple [3], and Microsoft [4] have previously announced plans to distrust TLS Server certificates issued by Symantec.

This enhancement will implement similar restrictions in the JDK.

Precise details are still being planned, but the restrictions will be enforced in the SunJSSE provider of the Java Secure Socket Extension (JSSE) API. A TLS session will not be negotiated if the server's certificate chain is anchored by any of the Certificate Authorities in the table below (subject to additional constraints, such as the certificate's notBefore date, that will be defined later). The application will receive an exception whose message indicates that the trust anchor (root) is not trusted, for example:

   "TLS Server certificate issued after 2019-04-16 and anchored by a distrusted legacy Symantec root CA:  CN=GeoTrust Global CA, O=GeoTrust Inc., C=US"

If necessary, you can work around the restrictions by removing "SYMANTEC_TLS" from the "jdk.security.caDistrustPolicies" security property. The property is defined in the JDK's java.security configuration file and can be edited there or overridden with a properties file passed via -Djava.security.properties=<file>. Note that the workaround re-enables trust in roots that the browsers cited above no longer accept, so it should be a stop-gap while the affected server obtains a certificate from another CA.

The restrictions will be imposed on the following Symantec Root certificates (identified by Distinguished Name) included in the JDK (note that GeoTrust, Thawte, and VeriSign are Symantec CAs):

1. CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
2. CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US
3. CN=GeoTrust Primary Certification Authority - G2,
    OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
4. CN=GeoTrust Primary Certification Authority - G3,
    OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
5. CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
6. CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only",
    OU=Certification Services Division, O="thawte, Inc.", C=US
7. CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only",
    O="thawte, Inc.", C=US
8. CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only",
    OU=Certification Services Division, O="thawte, Inc.", C=US
9. EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA,
    OU=Certification Services Division, O=Thawte Consulting cc,
    L=Cape Town, ST=Western Cape, C=ZA
10. OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only",
      OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
11. OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
12. OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only",
      OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
13. CN=VeriSign Class 3 Public Primary Certification Authority - G3,
      OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
      O="VeriSign, Inc.", C=US
14. CN=VeriSign Class 3 Public Primary Certification Authority - G4,
      OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
      O="VeriSign, Inc.", C=US
15. CN=VeriSign Class 3 Public Primary Certification Authority - G5,
      OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
      O="VeriSign, Inc.", C=US
16. CN=VeriSign Universal Root Certification Authority,
      OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network,
      O="VeriSign, Inc.", C=US
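The rule described above (trust anchor in the table, server certificate notBefore after 2019-04-16, switchable through the caDistrustPolicies property) can be exercised without a JDK. The following is an added example written for this page, not code from the JDK or from this issue: it models the check in Python, with the 16 DNs from the table joined onto single lines. The function and variable names are hypothetical, and the DN canonicalisation is a simplified stand-in for what X500Principal does; the actual enforcement lives inside SunJSSE.

```python
# Added example, not code from the JDK or from this issue: a Python model of
# the SYMANTEC_TLS distrust rule as the description states it (anchor DN in
# the table above, leaf notBefore after 2019-04-16).  The real check is inside
# SunJSSE; every name below is hypothetical.
from datetime import date

# The 16 root DNs from the table above, joined onto single lines.  Values that
# contain a comma are double-quoted, exactly as printed in the table.
DISTRUSTED_SYMANTEC_ROOTS = [
    "CN=GeoTrust Global CA, O=GeoTrust Inc., C=US",
    "CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US",
    "CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
    "CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US",
    "CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US",
    'CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US',
    'CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US',
    'CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US',
    "EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA",
    'OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US',
    'OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US',
    'OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US',
    'CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US',
    'CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US',
    'CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US',
    'CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US',
]

CUTOFF = date(2019, 4, 16)  # a leaf notBefore strictly after this date is distrusted


def parse_dn(dn):
    """Split an RFC 2253-style string into a tuple of (TYPE, value) pairs.

    Double-quoted values are kept whole, so O="VeriSign, Inc." is one RDN.
    Attribute types are upper-cased and values lower-cased with whitespace
    collapsed, so two spellings of the same name compare equal (a simplified
    stand-in for X500Principal's canonical form, which is richer).
    """
    rdns, buf, quoted = [], [], False
    for ch in dn:
        if ch == '"':
            quoted = not quoted  # quotes delimit the value; they are not part of it
        elif ch == "," and not quoted:
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    rdns.append("".join(buf))
    out = []
    for rdn in rdns:
        if not rdn.strip():
            continue
        attr, sep, value = rdn.partition("=")
        if not sep:
            raise ValueError("malformed RDN: %r" % rdn)
        out.append((attr.strip().upper(), " ".join(value.split()).lower()))
    return tuple(out)


# canonical form -> DN exactly as printed in the table (used in the message)
CANONICAL_ROOTS = {parse_dn(dn): dn for dn in DISTRUSTED_SYMANTEC_ROOTS}


def check_server_chain(anchor_dn, leaf_not_before, policies=("SYMANTEC_TLS",)):
    """Return None if the chain passes, else the error message the page quotes.

    anchor_dn        DN of the trust anchor (root) the chain resolved to.
    leaf_not_before  ISO date (YYYY-MM-DD) of the server certificate's notBefore.
    policies         models jdk.security.caDistrustPolicies; dropping
                     "SYMANTEC_TLS" from it is the workaround in the description.
    """
    if "SYMANTEC_TLS" not in policies:
        return None
    original = CANONICAL_ROOTS.get(parse_dn(anchor_dn))
    if original is None:
        return None  # anchored by some other root: this policy does not apply
    if date.fromisoformat(leaf_not_before) <= CUTOFF:
        return None  # issued on or before the cutoff: still accepted
    return ("TLS Server certificate issued after 2019-04-16 and anchored by a "
            "distrusted legacy Symantec root CA:  " + original)


if __name__ == "__main__":
    # Constructed sample inputs; no real certificates are involved.
    geotrust = "CN=GeoTrust Global CA, O=GeoTrust Inc., C=US"
    print(check_server_chain(geotrust, "2019-05-01"))  # distrusted: prints the message
    print(check_server_chain(geotrust, "2018-11-30"))  # issued before the cutoff: None
    print(check_server_chain("cn=geotrust global ca,o=geotrust inc.,c=us", "2020-01-01"))  # still matches
    print(check_server_chain(geotrust, "2020-01-01", policies=()))  # policy removed: None
```

The comparison goes through parse_dn rather than plain string equality because the same root is printed differently by different tools (spacing after commas, case of attribute types, quoting of values with commas); a naive string match would miss the root and silently keep trusting it. In Java the anchor is the TrustAnchor's X509Certificate and its subject X500Principal, so no string parsing is needed there.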

[1] https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html
[2] https://wiki.mozilla.org/CA:Symantec_Issues
[3] https://support.apple.com/en-us/HT208860
[4] https://cloudblogs.microsoft.com/microsoftsecure/2018/10/04/microsoft-partners-with-digicert-to-begin-deprecating-symantec-tls-certificates/

Comments
Liu Xin is working on 8u backport.
26-02-2019

Fix Request: Backporting this fix makes 11u secure by default. I see it is backported to 11.0.3-oracle. Patch applies to 11u with trivial fuzz (adding block to the end of java.security is sensitive to the existing lines that are there in 11u). Patched 11u passes entire jdk_security test suite.
19-02-2019

Oracle's plan announced: https://blogs.oracle.com/java-platform-group/jdk-distrusting-symantec-tls-certificates
07-12-2018