JDK-8212003 : Deprecating the default keytool -keyalg value
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-10-10
  • Updated: 2018-11-22
  • Resolved: 2018-11-17
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 12
12 b21Fixed
Related Reports
CSR :  
Relates :  
Relates :  
Sub Tasks
JDK-8213965 :  
DSA is rarely used anymore and is not supported by newer protocols such as TLS 1.3. We should seriously consider changing the default type to something other than DSA (ex: RSA or EC). Some compatibility issues will need to be considered and documented.
Discussion thread on security-dev: http://mail.openjdk.java.net/pipermail/security-dev/2018-October/018455.html