Oracle JRE cacerts Truststore Does Not Include Intermediate entrust-L1k Certificate
(Doc ID 2491289.1)
Last updated on FEBRUARY 07, 2021
Applies to:Java SE JDK and JRE - Version 7 and later
Information in this document applies to any platform.
Java fails to validate intermediate entrust-L1k certificate, unless it is explicitly imported into [JAVA_HOME]/lib/security/cacerts .
Upon analyzing the Oracle JRE cacerts truststore ([JAVA_HOME]/lib/security/cacerts), you find the Intermediate entrust-L1k certificate is not included by default.
This is verified with the following steps (as an example):
Notice the Intermediate entrust-L1k certificate is not there.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document