You probably should use shouldNotMatch() because here it's a pattern match instead of simply contain.
Try add a MD5withRSA cert there to see how it works. Thanks, Max > On May 23, 2020, at 11:01 AM, Hai-May Chao <hai-may.c...@oracle.com> wrote: > > Hi, > > I’d like to request q review for - > > JBS: https://bugs.openjdk.java.net/browse/JDK-8245665 > Webrev: https://cr.openjdk.java.net/~hchao/8245665/webrev.00/ > > Keytool only emits warnings for the root CA in cacerts using the weak key, > but not for using the weak algorithm. So test case WeakAlg.java should do the > checking on warnings accordingly. > > Thanks, > Hai-May >
