Warning, "<sgdverisignrsasecureserver>1000-bit RSA Key Which Is Considered A Security Risk" written to Console during SGD Upgrade or JVM Update
(Doc ID 2563968.1)
Last updated on JUNE 28, 2022
Applies to:
Oracle Secure Global Desktop - Version 5.3 to 5.4 [Release 5.0]Information in this document applies to any platform.
Symptoms
While upgrading a legacy Secure Global Desktop (SGD) Deployment to version 5.4, the SGD Administrator observed the following message written to the console:
This event was not captured within the install logs, did not present within runtime SGD logs, and did not appear to impact the upgrade process, or user connectivity.
This incident was repeated the following week, as the SGD Administrator applied the latest recommended JVM Updates to the recently upgraded server.
Changes
This behavior was seen as the SGD Administrator updated the JVM hosted on the legacy deployment: first, as a product of the initial upgrade to SGD 5.4, and later, as an updated JVM was applied to the system.
In this particular machine, "ENS Stamping" showed that the server had been originally installed with SGD 4.61, and had been routinely upgraded as new versions of the product were made available.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
Removing the Superseded Certificate from the SGD Keystore |
Step 1: Preserve the Superseded Certificate |
Step 2: Remove the Superseded Certificate |