changeset 15153:96288b884a04

8060224: Enable SHA-1 CertPath Restrictions Reviewed-by: mullan
author ascarpino
date Thu, 21 Jul 2016 15:08:06 -0700
parents ab971c902672
children 1bafcae84fb2 a6e4d9522919
files src/java.base/share/conf/security/java.security
diffstat 1 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.security	Thu Jul 21 07:42:05 2016 -0700
+++ b/src/java.base/share/conf/security/java.security	Thu Jul 21 15:08:06 2016 -0700
@@ -652,8 +652,8 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
-    DSA keySize < 1024, EC keySize < 224
+jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & denyAfter 2017-01-01, \
+    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS/DTLS) processing