JDK-8351686 : Release Note: Removed Baltimore CyberTrust Root Certificate After Expiry Date
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version:
    7u471,8u461,8u461-perf,11.0.28-oracle,17.0.16-oracle,21.0.8-oracle,24.0.2,25 7u471,8u461,8u461-perf,11.0.28-oracle,17.0.16-oracle,21.0.8-oracle,24.0.2,25
  • Priority: P3
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2025-03-11
  • Updated: 2025-05-21
  • Resolved: 2025-03-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 17 JDK 21 JDK 24 JDK 25 JDK 7 JDK 8
11.0.28-oracleResolved 17.0.16-oracleResolved 21.0.8-oracleResolved 24.0.2Resolved 25Resolved 7u471Resolved 8u461Resolved
Description
The following expired root certificate has been removed from the `cacerts` keystore:
```
+ alias name "baltimorecybertrustca [jdk]"
  Distinguished Name: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
```