Java Revocated SSL Certificate?

Recently there have been many SSL certificates revocated due to the heartbleed issue. Yesterday, for the first time, I came across a warning advising the information for a certificate was not available. Once reading and accepting the revocation I continued on my merry way.

Today however I received another revocation notice when using the java updater.

Revocated Java Certificate

Has Java forgotten to remove a revocated certificate from their servers?

Interestingly I had carried out a search simply for sjremetrics.java.com (the certificate was created for this URL) and lo and behold the very first response was for a post on the Oracle Forum which detailed Java having exactly the same issue back in 2010.

Side note. On looking at the details of the SSL certificate I see that it was issues on 17th September 2013 and was due to expire on the 17th November 2014. A 14 month certificate? I did not know that was possible. Or was it revoked in 2013 as well?

P.S.

I have tried to submit a bug for this issue however Oracle’s bug reporting process is atrocious.

I have received an email stating that the report “will be evaluated”.  Don’t think I will bother next time.

Tell us your thoughts