diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
index c92e0dd1f47..f913c981ddc 100644
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@@ -654,7 +654,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
 
 jdk.security.legacyAlgorithms=SHA1, \
 RSA keySize < 2048, DSA keySize < 2048, \
- DES, DESede, MD5
+ DES, DESede, MD5, RC2, ARCFOUR
 
 #
 # Algorithm restrictions for signed JAR files
diff --git a/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java b/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java
index 98ebd690394..9cf917f6682 100644
--- a/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java
+++ b/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java
@@ -23,7 +23,7 @@
 
 /*
 * @test
- * @bug 8255552
+ * @bug 8255552 8286090
 * @summary Test keytool commands associated with secret key entries which use weak algorithms
 * @library /test/lib
 */
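Review bot: Adding RC2 and ARCFOUR to `jdk.security.legacyAlgorithms` only makes the tools warn; the test updated in this same commit expects keytool to keep generating and listing such keys with exit value 0. The comment block that documents the property lies outside this hunk, so I cannot tell whether it already says this. If it does not, a line such as `# Keys using these algorithms are still accepted; keytool only prints a warning.` would keep operators from reading the list as a block list.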
@@ -57,12 +57,26 @@ public class WeakSecretKeyTest {
 .shouldNotMatch("The generated secret key uses the AES algorithm.*considered a security risk")
 .shouldHaveExitValue(0);
 
+ SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
+ "-genseckey -keyalg RC2 -alias rc2key -keysize 128")
+ .shouldContain("Warning")
+ .shouldMatch("The generated secret key uses the RC2 algorithm.*considered a security risk")
+ .shouldHaveExitValue(0);
+
+ SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
+ "-genseckey -keyalg RC4 -alias rc4key -keysize 1024")
+ .shouldContain("Warning")
+ .shouldMatch("The generated secret key uses the ARCFOUR algorithm.*considered a security risk")
+ .shouldHaveExitValue(0);
+
 SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
 "-list -v")
 .shouldContain("Warning")
 .shouldMatch(" uses the DESede algorithm.*considered a security risk")
 .shouldMatch(" uses the DES algorithm.*considered a security risk")
 .shouldNotMatch(" uses the AES algorithm.*considered a security risk")
+ .shouldMatch(" uses the RC2 algorithm.*considered a security risk")
+ .shouldMatch(" uses the ARCFOUR algorithm.*considered a security risk")
 .shouldHaveExitValue(0);
 
 SecurityTools.setResponse("changeit", "changeit");
@@ -71,6 +85,8 @@ public class WeakSecretKeyTest {
 .shouldContain("Warning")
 .shouldMatch(" uses the DESede algorithm.*considered a security risk")
 .shouldMatch(" uses the DES algorithm.*considered a security risk")
+ .shouldMatch(" uses the RC2 algorithm.*considered a security risk")
+ .shouldMatch(" uses the ARCFOUR algorithm.*considered a security risk")
 .shouldHaveExitValue(0);
 
 SecurityTools.keytool("-keystore ks.new -storepass changeit " +
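Review bot: The second added `-genseckey` call passes `-keyalg RC4` but asserts a warning that names ARCFOUR, and nothing in the test says why, so a later reader may take it for a typo and "fix" one side. A one-line comment above that call would settle it: `// RC4 is an alias; keytool reports the standard name ARCFOUR, which is the name listed in jdk.security.legacyAlgorithms`. The same call uses `-keysize 1024` where the RC2 call uses 128, which also deserves a word if the size was chosen on purpose. The enclosing method starts and ends outside the hunk.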
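Review bot: Unlike the `-list -v` chain in the previous hunk, the assertion chains extended here and in the `@@ -78,6 +94,8 @@` hunk carry no negative control, so they would still pass if the tool warned on every secret-key entry. The commands that produce this output sit outside both hunks, so it is only inferred that the AES key created earlier is still among the entries they process. If it is, add `.shouldNotMatch(" uses the AES algorithm.*considered a security risk")` to each chain so the test also proves that a non-legacy algorithm stays quiet.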
@@ -78,6 +94,8 @@ public class WeakSecretKeyTest {
 .shouldContain("Warning")
 .shouldMatch(" uses the DESede algorithm.*considered a security risk")
 .shouldMatch(" uses the DES algorithm.*considered a security risk")
+ .shouldMatch(" uses the RC2 algorithm.*considered a security risk")
+ .shouldMatch(" uses the ARCFOUR algorithm.*considered a security risk")
 .shouldHaveExitValue(0);
 
 Files.writeString(Files.createFile(Paths.get(JAVA_SECURITY_FILE)),