435 # (either a user or service).
436 #
437 # When a client issues an AS or a TGS request, the "canonicalize" option
438 # is set to announce support of this feature. A KDC server may fulfill the
439 # request or reply referring the client to a different one. If referred,
440 # the client will issue a new request and the cycle repeats.
441 #
442 # In addition to referrals, the "canonicalize" option allows the KDC server
443 # to change the client name in response to an AS request. For security reasons,
444 # RFC 6806 (section 11) FAST scheme is enforced.
445 #
446 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
447 # System property (-Dsun.security.krb5.disableReferrals).
448 sun.security.krb5.disableReferrals=false
449
450 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
451 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
452 sun.security.krb5.maxReferrals=5
453
454 #
455 # Algorithm restrictions for certification path (CertPath) processing
456 #
457 # In some environments, certain algorithms or key lengths may be undesirable
458 # for certification path building and validation. For example, "MD2" is
459 # generally no longer considered to be a secure hash algorithm. This section
460 # describes the mechanism for disabling algorithms based on algorithm name
461 # and/or key length. This includes algorithms used in certificates, as well
462 # as revocation information such as CRLs and signed OCSP Responses.
463 # The syntax of the disabled algorithm string is described as follows:
464 # DisabledAlgorithms:
465 # " DisabledAlgorithm { , DisabledAlgorithm } "
466 #
467 # DisabledAlgorithm:
468 # AlgorithmName [Constraint] { '&' Constraint }
469 #
470 # AlgorithmName:
471 # (see below)
472 #
473 # Constraint:
474 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
475 # UsageConstraint
476 #
477 # KeySizeConstraint:
478 # keySize Operator KeyLength
479 #
480 # Operator:
481 # <= | < | == | != | >= | >
482 #
483 # KeyLength:
484 # Integer value of the algorithm's key length in bits
485 #
486 # CAConstraint:
487 # jdkCA
488 #
489 # DenyAfterConstraint:
490 # denyAfter YYYY-MM-DD
491 #
492 # UsageConstraint:
493 # usage [TLSServer] [TLSClient] [SignedJAR]
494 #
495 # The "AlgorithmName" is the standard algorithm name of the disabled
496 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
497 # Documentation" for information about Standard Algorithm Names. Matching
498 # is performed using a case-insensitive sub-element matching rule. (For
499 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
500 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
501 # sub-element of the certificate algorithm name, the algorithm will be
502 # rejected during certification path building and validation. For example,
503 # the assertion algorithm name "DSA" will disable all certificate algorithms
504 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
505 # will not disable algorithms related to "ECDSA".
506 #
507 # A "Constraint" defines restrictions on the keys and/or certificates for
508 # a specified AlgorithmName:
509 #
510 # KeySizeConstraint:
511 # keySize Operator KeyLength
512 # The constraint requires a key of a valid size range if the
513 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
514 # the key size specified in number of bits. For example,
515 # "RSA keySize <= 1024" indicates that any RSA key with key size less
516 # than or equal to 1024 bits should be disabled, and
517 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
518 # with key size less than 1024 or greater than 2048 should be disabled.
519 # This constraint is only used on algorithms that have a key size.
520 #
521 # CAConstraint:
522 # jdkCA
523 # This constraint prohibits the specified algorithm only if the
524 # algorithm is used in a certificate chain that terminates at a marked
525 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
526 # constraint is not set, then all chains using the specified algorithm
559 # chain that terminate at a distribution provided trust anchor and contain
560 # RSA keys that are less than or equal to 1024 bits, add the following
561 # constraint: "RSA keySize <= 1024 & jdkCA".
562 #
563 # All DisabledAlgorithms expressions are processed in the order defined in the
564 # property. This requires lower keysize constraints to be specified
565 # before larger keysize constraints of the same algorithm. For example:
566 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
567 #
568 # Note: The algorithm restrictions do not apply to trust anchors or
569 # self-signed certificates.
570 #
571 # Note: This property is currently used by Oracle's PKIX implementation. It
572 # is not guaranteed to be examined and used by other implementations.
573 #
574 # Example:
575 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
576 #
577 #
578 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
579 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
580
581 #
582 # Algorithm restrictions for signed JAR files
583 #
584 # In some environments, certain algorithms or key lengths may be undesirable
585 # for signed JAR validation. For example, "MD2" is generally no longer
586 # considered to be a secure hash algorithm. This section describes the
587 # mechanism for disabling algorithms based on algorithm name and/or key length.
588 # JARs signed with any of the disabled algorithms or key sizes will be treated
589 # as unsigned.
590 #
591 # The syntax of the disabled algorithm string is described as follows:
592 # DisabledAlgorithms:
593 # " DisabledAlgorithm { , DisabledAlgorithm } "
594 #
595 # DisabledAlgorithm:
596 # AlgorithmName [Constraint] { '&' Constraint }
597 #
598 # AlgorithmName:
599 # (see below)
602 # KeySizeConstraint | DenyAfterConstraint
603 #
604 # KeySizeConstraint:
605 # keySize Operator KeyLength
606 #
607 # DenyAfterConstraint:
608 # denyAfter YYYY-MM-DD
609 #
610 # Operator:
611 # <= | < | == | != | >= | >
612 #
613 # KeyLength:
614 # Integer value of the algorithm's key length in bits
615 #
616 # Note: This property is currently used by the JDK Reference
617 # implementation. It is not guaranteed to be examined and used by other
618 # implementations.
619 #
620 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
621 #
622 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
623
624 #
625 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
626 # (SSL/TLS) processing
627 #
628 # In some environments, certain algorithms or key lengths may be undesirable
629 # when using SSL/TLS. This section describes the mechanism for disabling
630 # algorithms during SSL/TLS security parameters negotiation, including
631 # protocol version negotiation, cipher suites selection, peer authentication
632 # and key exchange mechanisms.
633 #
634 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
635 # if they are enabled explicitly in an application.
636 #
637 # For PKI-based peer authentication and key exchange mechanisms, this list
638 # of disabled algorithms will also be checked during certification path
639 # building and validation, including algorithms used in certificates, as
640 # well as revocation information such as CRLs and signed OCSP Responses.
641 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
642 #
643 # See the specification of "jdk.certpath.disabledAlgorithms" for the
644 # syntax of the disabled algorithm string.
645 #
646 # Note: The algorithm restrictions do not apply to trust anchors or
647 # self-signed certificates.
648 #
649 # Note: This property is currently used by the JDK Reference implementation.
650 # It is not guaranteed to be examined and used by other implementations.
651 #
652 # Example:
653 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
654 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
655 EC keySize < 224, 3DES_EDE_CBC, anon, NULL
656
657 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
658 # processing in JSSE implementation.
659 #
660 # In some environments, a certain algorithm may be undesirable but it
661 # cannot be disabled because of its use in legacy applications. Legacy
662 # algorithms may still be supported, but applications should not use them
663 # as the security strength of legacy algorithms are usually not strong enough
664 # in practice.
665 #
666 # During SSL/TLS security parameters negotiation, legacy algorithms will
667 # not be negotiated unless there are no other candidates.
668 #
669 # The syntax of the legacy algorithms string is described as this Java
670 # BNF-style:
671 # LegacyAlgorithms:
672 # " LegacyAlgorithm { , LegacyAlgorithm } "
673 #
674 # LegacyAlgorithm:
675 # AlgorithmName (standard JSSE algorithm name)
|
435 # (either a user or service).
436 #
437 # When a client issues an AS or a TGS request, the "canonicalize" option
438 # is set to announce support of this feature. A KDC server may fulfill the
439 # request or reply referring the client to a different one. If referred,
440 # the client will issue a new request and the cycle repeats.
441 #
442 # In addition to referrals, the "canonicalize" option allows the KDC server
443 # to change the client name in response to an AS request. For security reasons,
444 # RFC 6806 (section 11) FAST scheme is enforced.
445 #
446 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
447 # System property (-Dsun.security.krb5.disableReferrals).
448 sun.security.krb5.disableReferrals=false
449
450 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
451 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
452 sun.security.krb5.maxReferrals=5
453
454 #
455 # This property contains a list of disabled EC Named Curves that can be included
456 # in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this
457 # list in any of the disabledAlgorithms properties, add the property name as
458 # an entry.
459 jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \
460 secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \
461 secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \
462 sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \
463 sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \
464 sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \
465 X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \
466 X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \
467 X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \
468 brainpoolP320r1, brainpoolP384r1, brainpoolP512r1
469
470 #
471 # Algorithm restrictions for certification path (CertPath) processing
472 #
473 # In some environments, certain algorithms or key lengths may be undesirable
474 # for certification path building and validation. For example, "MD2" is
475 # generally no longer considered to be a secure hash algorithm. This section
476 # describes the mechanism for disabling algorithms based on algorithm name
477 # and/or key length. This includes algorithms used in certificates, as well
478 # as revocation information such as CRLs and signed OCSP Responses.
479 # The syntax of the disabled algorithm string is described as follows:
480 # DisabledAlgorithms:
481 # " DisabledAlgorithm { , DisabledAlgorithm } "
482 #
483 # DisabledAlgorithm:
484 # AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty
485 #
486 # AlgorithmName:
487 # (see below)
488 #
489 # Constraint:
490 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
491 # UsageConstraint
492 #
493 # KeySizeConstraint:
494 # keySize Operator KeyLength
495 #
496 # Operator:
497 # <= | < | == | != | >= | >
498 #
499 # KeyLength:
500 # Integer value of the algorithm's key length in bits
501 #
502 # CAConstraint:
503 # jdkCA
504 #
505 # DenyAfterConstraint:
506 # denyAfter YYYY-MM-DD
507 #
508 # UsageConstraint:
509 # usage [TLSServer] [TLSClient] [SignedJAR]
510 #
511 # IncludeProperty:
512 # include <security property>
513 #
514 # The "AlgorithmName" is the standard algorithm name of the disabled
515 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
516 # Documentation" for information about Standard Algorithm Names. Matching
517 # is performed using a case-insensitive sub-element matching rule. (For
518 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
519 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
520 # sub-element of the certificate algorithm name, the algorithm will be
521 # rejected during certification path building and validation. For example,
522 # the assertion algorithm name "DSA" will disable all certificate algorithms
523 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
524 # will not disable algorithms related to "ECDSA".
525 #
526 # The "IncludeProperty" allows a implementation-defined security property that
527 # can be included in the disabledAlgorithms properties. These properties are
528 # to help manage common actions easier across multiple disabledAlgorithm
529 # properties.
530 # There is one defined security property: jdk.disabled.NamedCurves
531 # See the property for more specific details.
532 #
533 #
534 # A "Constraint" defines restrictions on the keys and/or certificates for
535 # a specified AlgorithmName:
536 #
537 # KeySizeConstraint:
538 # keySize Operator KeyLength
539 # The constraint requires a key of a valid size range if the
540 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
541 # the key size specified in number of bits. For example,
542 # "RSA keySize <= 1024" indicates that any RSA key with key size less
543 # than or equal to 1024 bits should be disabled, and
544 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
545 # with key size less than 1024 or greater than 2048 should be disabled.
546 # This constraint is only used on algorithms that have a key size.
547 #
548 # CAConstraint:
549 # jdkCA
550 # This constraint prohibits the specified algorithm only if the
551 # algorithm is used in a certificate chain that terminates at a marked
552 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
553 # constraint is not set, then all chains using the specified algorithm
586 # chain that terminate at a distribution provided trust anchor and contain
587 # RSA keys that are less than or equal to 1024 bits, add the following
588 # constraint: "RSA keySize <= 1024 & jdkCA".
589 #
590 # All DisabledAlgorithms expressions are processed in the order defined in the
591 # property. This requires lower keysize constraints to be specified
592 # before larger keysize constraints of the same algorithm. For example:
593 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
594 #
595 # Note: The algorithm restrictions do not apply to trust anchors or
596 # self-signed certificates.
597 #
598 # Note: This property is currently used by Oracle's PKIX implementation. It
599 # is not guaranteed to be examined and used by other implementations.
600 #
601 # Example:
602 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
603 #
604 #
605 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
606 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
607 include jdk.disabled.namedCurves
608
609 #
610 # Algorithm restrictions for signed JAR files
611 #
612 # In some environments, certain algorithms or key lengths may be undesirable
613 # for signed JAR validation. For example, "MD2" is generally no longer
614 # considered to be a secure hash algorithm. This section describes the
615 # mechanism for disabling algorithms based on algorithm name and/or key length.
616 # JARs signed with any of the disabled algorithms or key sizes will be treated
617 # as unsigned.
618 #
619 # The syntax of the disabled algorithm string is described as follows:
620 # DisabledAlgorithms:
621 # " DisabledAlgorithm { , DisabledAlgorithm } "
622 #
623 # DisabledAlgorithm:
624 # AlgorithmName [Constraint] { '&' Constraint }
625 #
626 # AlgorithmName:
627 # (see below)
630 # KeySizeConstraint | DenyAfterConstraint
631 #
632 # KeySizeConstraint:
633 # keySize Operator KeyLength
634 #
635 # DenyAfterConstraint:
636 # denyAfter YYYY-MM-DD
637 #
638 # Operator:
639 # <= | < | == | != | >= | >
640 #
641 # KeyLength:
642 # Integer value of the algorithm's key length in bits
643 #
644 # Note: This property is currently used by the JDK Reference
645 # implementation. It is not guaranteed to be examined and used by other
646 # implementations.
647 #
648 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
649 #
650 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
651 DSA keySize < 1024, include jdk.disabled.namedCurves
652
653 #
654 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
655 # (SSL/TLS) processing
656 #
657 # In some environments, certain algorithms or key lengths may be undesirable
658 # when using SSL/TLS. This section describes the mechanism for disabling
659 # algorithms during SSL/TLS security parameters negotiation, including
660 # protocol version negotiation, cipher suites selection, peer authentication
661 # and key exchange mechanisms.
662 #
663 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
664 # if they are enabled explicitly in an application.
665 #
666 # For PKI-based peer authentication and key exchange mechanisms, this list
667 # of disabled algorithms will also be checked during certification path
668 # building and validation, including algorithms used in certificates, as
669 # well as revocation information such as CRLs and signed OCSP Responses.
670 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
671 #
672 # See the specification of "jdk.certpath.disabledAlgorithms" for the
673 # syntax of the disabled algorithm string.
674 #
675 # Note: The algorithm restrictions do not apply to trust anchors or
676 # self-signed certificates.
677 #
678 # Note: This property is currently used by the JDK Reference implementation.
679 # It is not guaranteed to be examined and used by other implementations.
680 #
681 # Example:
682 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
683 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
684 EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
685 include jdk.disabled.namedCurves
686
687 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
688 # processing in JSSE implementation.
689 #
690 # In some environments, a certain algorithm may be undesirable but it
691 # cannot be disabled because of its use in legacy applications. Legacy
692 # algorithms may still be supported, but applications should not use them
693 # as the security strength of legacy algorithms are usually not strong enough
694 # in practice.
695 #
696 # During SSL/TLS security parameters negotiation, legacy algorithms will
697 # not be negotiated unless there are no other candidates.
698 #
699 # The syntax of the legacy algorithms string is described as this Java
700 # BNF-style:
701 # LegacyAlgorithms:
702 # " LegacyAlgorithm { , LegacyAlgorithm } "
703 #
704 # LegacyAlgorithm:
705 # AlgorithmName (standard JSSE algorithm name)
|