Blog About Contact

Arrrggh! java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

Published Tue, 7 Aug 2012 • 35 comments

It seemed like a relatively simple task to automate a web transaction on a secure site using Selenium WebDriver and HtmlUnit, until I got this exception:

java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

After ages trying to figure out how to get around it, the solution is simple...

JDK7 changed the default Java security settings to disable MD2 algorithm to sign SSL certificates. BUT this can be re-enabled by editing JDK_HOME/jre/lib/security/java.security and commenting out the following line:

jdk.certpath.disabledAlgorithms=MD2

... becomes ...

#jdk.certpath.disabledAlgorithms=MD2

Hope this helps someone else with the same issue!


About the Author

Richard Nichols is an Australian software engineer with a passion for making things.

Follow him on twitter or subscribe by RSS or email.

You might also enjoy reading -


Discuss / Comment

There are 35 comments.

Add a comment

  • {{e.error}}

Thanks for your comment!/

Required.
Valid email address required.
Required.
Posting message, please wait...