OpenJDK / bsd-port / jdk9 / jdk
changeset 15153:96288b884a04
8060224: Enable SHA-1 CertPath Restrictions
Reviewed-by: mullan
| author | ascarpino |
|---|---|
| date | Thu, 21 Jul 2016 15:08:06 -0700 |
| parents | ab971c902672 |
| children | 1bafcae84fb2 a6e4d9522919 |
| files | src/java.base/share/conf/security/java.security |
| diffstat | 1 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.security Thu Jul 21 07:42:05 2016 -0700 +++ b/src/java.base/share/conf/security/java.security Thu Jul 21 15:08:06 2016 -0700 @@ -652,8 +652,8 @@ # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ - DSA keySize < 1024, EC keySize < 224 +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & denyAfter 2017-01-01, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS/DTLS) processing