Abstract: This short howto explains how to disable the weak 3DES on Java

As the 3DES ciphers are weak (see CVE-2016-2183, CVE-2016-6329) they should be disabled. This can be done by the property jdk.tls.disabledAlgorithms in the security policy file java.security. This file is located in {APP_HOME}/jre/lib/security folder. A current "good" configuration would be the following:

jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, DESede, DES, RSA keySize < 2048

Cross information:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html

 

Leave your comments

Post comment as a guest

0

Comments

    • No comments found