I downloaded the files and they match what you described below. Can you please added a text file describing how they are generated. Also, I see a unknown_keystore in the same directory still using the weak algorithms. Do you also intent to update it?
Thanks Max > On May 16, 2016, at 8:52 PM, Xuelei Fan <[email protected]> wrote: > > Hi, > > Please review this test update: > http://cr.openjdk.java.net/~xuelei/8157035/webrev.00/ > > test/javax/net/ssl/etc/keystore and truststore are used a lot for X.509 > cert based SSL/TLS authentication in JDK testing. MD5 and SHA1 are used > as the signature algorithms. The key size of EC certs is 192 bits. > > MD5 has been disabled, and 192-bits EC keys will be disabled in the near > future(see JDK-8148516). It's time to use stronger algorithms (SHA256) > and keys (2048-bits for RSA and 256-bits for EC). > > This update renew the RSA cert with 2048-bits key and the EC cert with > 256-bits key. And the hash algorithms of the signatures are now SHA256. > > Note that the DSA entry is not updated this time. > > Thanks, > Xuelei
