My Oracle Support Banner

Warning, "<sgdverisignrsasecureserver>1000-bit RSA Key Which Is Considered A Security Risk" written to Console during SGD Upgrade or JVM Update (Doc ID 2563968.1)

Last updated on SEPTEMBER 26, 2019

Applies to:

Oracle Secure Global Desktop - Version 5.3 to 5.4 [Release 5.0]
Information in this document applies to any platform.

Symptoms

While upgrading a legacy Secure Global Desktop (SGD) Deployment to version 5.4, the SGD Administrator observed the following message written to the console:

"<sgdverisignrsasecureserver> uses a 1000-bit RSA key which is considered a security risk."

This event was not captured within the install logs, did not present within runtime SGD logs, and did not appear to impact the upgrade process, or user connectivity. 

This incident was repeated the following week, as the SGD Administrator applied the latest recommended JVM Updates to the recently upgraded server.

Changes

This behavior was seen as the SGD Administrator updated the JVM hosted on the legacy deployment:  first, as a product of the initial upgrade to SGD 5.4, and later, as an updated JVM was applied to the system.

In this particular machine, "ENS Stamping" showed that the server had been originally installed with SGD 4.61, and had been routinely upgraded as new versions of the product were made available. 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
 Removing the Superseded Certificate from the SGD Keystore
 Step 1: Preserve the Superseded Certificate
 Step 2: Remove the Superseded Certificate


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.