I did testing with a MD5RSA root CA. Updated the webrev. Thanks, Hai-May
> On May 22, 2020, at 8:50 PM, Weijun Wang <weijun.w...@oracle.com> wrote: > > You probably should use shouldNotMatch() because here it's a pattern match > instead of simply contain. > > Try add a MD5withRSA cert there to see how it works. > > Thanks, > Max > >> On May 23, 2020, at 11:01 AM, Hai-May Chao <hai-may.c...@oracle.com> wrote: >> >> Hi, >> >> I’d like to request q review for - >> >> JBS: https://bugs.openjdk.java.net/browse/JDK-8245665 >> Webrev: https://cr.openjdk.java.net/~hchao/8245665/webrev.00/ >> >> Keytool only emits warnings for the root CA in cacerts using the weak key, >> but not for using the weak algorithm. So test case WeakAlg.java should do >> the checking on warnings accordingly. >> >> Thanks, >> Hai-May >> >
