Home Computer Windows Disable weak cipher (e.g. 3DES, SSLv3, MD5, …) suites in Java

Disable weak cipher (e.g. 3DES, SSLv3, MD5, …) suites in Java

0

This short howto explains how to disable the weak 3DES on Java to improve the overall security.

As the 3DES ciphers are weak (see CVE-2016-2183, CVE-2016-6329) they should be disabled. This can be done by the property jdk.tls.disabledAlgorithms in the security policy file java.security. This file is located in {APP_HOME}/jre/lib/security folder. A current “good” configuration would be the following:

jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, DESede, DES, RSA keySize < 2048

Cross information:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html

 

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Exit mobile version