Thursday, June 13, 2024

Disable weak cipher (e.g. 3DES, SSLv3, MD5, …) suites in Java

This short howto explains how to disable the weak 3DES on Java to improve the overall security.

As the 3DES ciphers are weak (see CVE-2016-2183, CVE-2016-6329) they should be disabled. This can be done by the property jdk.tls.disabledAlgorithms in the security policy file This file is located in {APP_HOME}/jre/lib/security folder. A current “good” configuration would be the following:

jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, DESede, DES, RSA keySize < 2048

Cross information:


Related Articles


Please enter your comment!
Please enter your name here

Stay Connected

- Advertisement -

Latest Articles