Skip to content
Permalink
Browse files
8196415: Disable SHA-1 Signed JARs
Backport-of: 278057756a1a79a4b030750c48b821ba9735a0f9
  • Loading branch information
Prajwal Kumaraswamy authored and coffeys committed Apr 29, 2021
1 parent cce99e5 commit 4ea26b8918b1092a7f57be825f62c8146ca75d1a
Showing with 3 additions and 2 deletions.
  1. +3 −2 src/java.base/share/conf/security/java.security
@@ -633,7 +633,8 @@ sun.security.krb5.maxReferrals=5
#
#
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
SHA1 jdkCA & usage SignedJAR & denyAfter 2019-01-01

#
# Legacy algorithms for certification path (CertPath) processing and
@@ -697,7 +698,7 @@ jdk.security.legacyAlgorithms=SHA1, \
# See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
#
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
DSA keySize < 1024
DSA keySize < 1024, SHA1 jdkCA & denyAfter 2019-01-01

#
# Algorithm restrictions for Secure Socket Layer/Transport Layer Security

1 comment on commit 4ea26b8

@openjdk-notifier

This comment has been minimized.

Copy link

@openjdk-notifier openjdk-notifier bot commented on 4ea26b8 Apr 29, 2021

Please sign in to comment.