changeset 16858:dbcdb8bcadd6

8176503: Disable SHA-1 TLS Server Certificates Reviewed-by: vinnie, ascarpino
author mullan
date Tue, 14 Mar 2017 08:35:03 -0400
parents dec69a95e5c9
children 341a471ff662
files src/java.base/share/conf/security/java.security
diffstat 1 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.security	Mon Mar 13 13:38:14 2017 -0700
+++ b/src/java.base/share/conf/security/java.security	Tue Mar 14 08:35:03 2017 -0400
@@ -598,8 +598,8 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
-    DSA keySize < 1024, EC keySize < 224
+jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
+    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
 
 #
 # Algorithm restrictions for signed JAR files