438 # (either a user or service).
439 #
440 # When a client issues an AS or a TGS request, the "canonicalize" option
441 # is set to announce support of this feature. A KDC server may fulfill the
442 # request or reply referring the client to a different one. If referred,
443 # the client will issue a new request and the cycle repeats.
444 #
445 # In addition to referrals, the "canonicalize" option allows the KDC server
446 # to change the client name in response to an AS request. For security reasons,
447 # RFC 6806 (section 11) FAST scheme is enforced.
448 #
449 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
450 # System property (-Dsun.security.krb5.disableReferrals).
451 sun.security.krb5.disableReferrals=false
452
453 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
454 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
455 sun.security.krb5.maxReferrals=5
456
457 #
458 # Algorithm restrictions for certification path (CertPath) processing
459 #
460 # In some environments, certain algorithms or key lengths may be undesirable
461 # for certification path building and validation. For example, "MD2" is
462 # generally no longer considered to be a secure hash algorithm. This section
463 # describes the mechanism for disabling algorithms based on algorithm name
464 # and/or key length. This includes algorithms used in certificates, as well
465 # as revocation information such as CRLs and signed OCSP Responses.
466 # The syntax of the disabled algorithm string is described as follows:
467 # DisabledAlgorithms:
468 # " DisabledAlgorithm { , DisabledAlgorithm } "
469 #
470 # DisabledAlgorithm:
471 # AlgorithmName [Constraint] { '&' Constraint }
472 #
473 # AlgorithmName:
474 # (see below)
475 #
476 # Constraint:
477 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
478 # UsageConstraint
479 #
480 # KeySizeConstraint:
481 # keySize Operator KeyLength
482 #
483 # Operator:
484 # <= | < | == | != | >= | >
485 #
486 # KeyLength:
487 # Integer value of the algorithm's key length in bits
488 #
489 # CAConstraint:
490 # jdkCA
491 #
492 # DenyAfterConstraint:
493 # denyAfter YYYY-MM-DD
494 #
495 # UsageConstraint:
496 # usage [TLSServer] [TLSClient] [SignedJAR]
497 #
498 # The "AlgorithmName" is the standard algorithm name of the disabled
499 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
500 # Documentation" for information about Standard Algorithm Names. Matching
501 # is performed using a case-insensitive sub-element matching rule. (For
502 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
503 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
504 # sub-element of the certificate algorithm name, the algorithm will be
505 # rejected during certification path building and validation. For example,
506 # the assertion algorithm name "DSA" will disable all certificate algorithms
507 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
508 # will not disable algorithms related to "ECDSA".
509 #
510 # A "Constraint" defines restrictions on the keys and/or certificates for
511 # a specified AlgorithmName:
512 #
513 # KeySizeConstraint:
514 # keySize Operator KeyLength
515 # The constraint requires a key of a valid size range if the
516 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
517 # the key size specified in number of bits. For example,
518 # "RSA keySize <= 1024" indicates that any RSA key with key size less
519 # than or equal to 1024 bits should be disabled, and
520 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
521 # with key size less than 1024 or greater than 2048 should be disabled.
522 # This constraint is only used on algorithms that have a key size.
523 #
524 # CAConstraint:
525 # jdkCA
526 # This constraint prohibits the specified algorithm only if the
527 # algorithm is used in a certificate chain that terminates at a marked
528 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
529 # constraint is not set, then all chains using the specified algorithm
562 # chain that terminate at a distribution provided trust anchor and contain
563 # RSA keys that are less than or equal to 1024 bits, add the following
564 # constraint: "RSA keySize <= 1024 & jdkCA".
565 #
566 # All DisabledAlgorithms expressions are processed in the order defined in the
567 # property. This requires lower keysize constraints to be specified
568 # before larger keysize constraints of the same algorithm. For example:
569 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
570 #
571 # Note: The algorithm restrictions do not apply to trust anchors or
572 # self-signed certificates.
573 #
574 # Note: This property is currently used by Oracle's PKIX implementation. It
575 # is not guaranteed to be examined and used by other implementations.
576 #
577 # Example:
578 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
579 #
580 #
581 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
582 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
583
584 #
585 # Algorithm restrictions for signed JAR files
586 #
587 # In some environments, certain algorithms or key lengths may be undesirable
588 # for signed JAR validation. For example, "MD2" is generally no longer
589 # considered to be a secure hash algorithm. This section describes the
590 # mechanism for disabling algorithms based on algorithm name and/or key length.
591 # JARs signed with any of the disabled algorithms or key sizes will be treated
592 # as unsigned.
593 #
594 # The syntax of the disabled algorithm string is described as follows:
595 # DisabledAlgorithms:
596 # " DisabledAlgorithm { , DisabledAlgorithm } "
597 #
598 # DisabledAlgorithm:
599 # AlgorithmName [Constraint] { '&' Constraint }
600 #
601 # AlgorithmName:
602 # (see below)
605 # KeySizeConstraint | DenyAfterConstraint
606 #
607 # KeySizeConstraint:
608 # keySize Operator KeyLength
609 #
610 # DenyAfterConstraint:
611 # denyAfter YYYY-MM-DD
612 #
613 # Operator:
614 # <= | < | == | != | >= | >
615 #
616 # KeyLength:
617 # Integer value of the algorithm's key length in bits
618 #
619 # Note: This property is currently used by the JDK Reference
620 # implementation. It is not guaranteed to be examined and used by other
621 # implementations.
622 #
623 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
624 #
625 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
626
627 #
628 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
629 # (SSL/TLS) processing
630 #
631 # In some environments, certain algorithms or key lengths may be undesirable
632 # when using SSL/TLS. This section describes the mechanism for disabling
633 # algorithms during SSL/TLS security parameters negotiation, including
634 # protocol version negotiation, cipher suites selection, peer authentication
635 # and key exchange mechanisms.
636 #
637 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
638 # if they are enabled explicitly in an application.
639 #
640 # For PKI-based peer authentication and key exchange mechanisms, this list
641 # of disabled algorithms will also be checked during certification path
642 # building and validation, including algorithms used in certificates, as
643 # well as revocation information such as CRLs and signed OCSP Responses.
644 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
645 #
646 # See the specification of "jdk.certpath.disabledAlgorithms" for the
647 # syntax of the disabled algorithm string.
648 #
649 # Note: The algorithm restrictions do not apply to trust anchors or
650 # self-signed certificates.
651 #
652 # Note: This property is currently used by the JDK Reference implementation.
653 # It is not guaranteed to be examined and used by other implementations.
654 #
655 # Example:
656 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
657 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
658 EC keySize < 224, 3DES_EDE_CBC, anon, NULL
659
660 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
661 # processing in JSSE implementation.
662 #
663 # In some environments, a certain algorithm may be undesirable but it
664 # cannot be disabled because of its use in legacy applications. Legacy
665 # algorithms may still be supported, but applications should not use them
666 # as the security strength of legacy algorithms are usually not strong enough
667 # in practice.
668 #
669 # During SSL/TLS security parameters negotiation, legacy algorithms will
670 # not be negotiated unless there are no other candidates.
671 #
672 # The syntax of the legacy algorithms string is described as this Java
673 # BNF-style:
674 # LegacyAlgorithms:
675 # " LegacyAlgorithm { , LegacyAlgorithm } "
676 #
677 # LegacyAlgorithm:
678 # AlgorithmName (standard JSSE algorithm name)
|
438 # (either a user or service).
439 #
440 # When a client issues an AS or a TGS request, the "canonicalize" option
441 # is set to announce support of this feature. A KDC server may fulfill the
442 # request or reply referring the client to a different one. If referred,
443 # the client will issue a new request and the cycle repeats.
444 #
445 # In addition to referrals, the "canonicalize" option allows the KDC server
446 # to change the client name in response to an AS request. For security reasons,
447 # RFC 6806 (section 11) FAST scheme is enforced.
448 #
449 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
450 # System property (-Dsun.security.krb5.disableReferrals).
451 sun.security.krb5.disableReferrals=false
452
453 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
454 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
455 sun.security.krb5.maxReferrals=5
456
457 #
458 # This property contains a list of disabled EC Named Curves that can be included
459 # in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this
460 # list in any of the disabledAlgorithms properties, add the property name as
461 # an entry.
462 jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \
463 secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \
464 secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \
465 sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \
466 sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \
467 sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \
468 X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \
469 X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \
470 X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \
471 brainpoolP320r1, brainpoolP384r1, brainpoolP512r1
472
473 #
474 # Algorithm restrictions for certification path (CertPath) processing
475 #
476 # In some environments, certain algorithms or key lengths may be undesirable
477 # for certification path building and validation. For example, "MD2" is
478 # generally no longer considered to be a secure hash algorithm. This section
479 # describes the mechanism for disabling algorithms based on algorithm name
480 # and/or key length. This includes algorithms used in certificates, as well
481 # as revocation information such as CRLs and signed OCSP Responses.
482 # The syntax of the disabled algorithm string is described as follows:
483 # DisabledAlgorithms:
484 # " DisabledAlgorithm { , DisabledAlgorithm } "
485 #
486 # DisabledAlgorithm:
487 # AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty
488 #
489 # AlgorithmName:
490 # (see below)
491 #
492 # Constraint:
493 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
494 # UsageConstraint
495 #
496 # KeySizeConstraint:
497 # keySize Operator KeyLength
498 #
499 # Operator:
500 # <= | < | == | != | >= | >
501 #
502 # KeyLength:
503 # Integer value of the algorithm's key length in bits
504 #
505 # CAConstraint:
506 # jdkCA
507 #
508 # DenyAfterConstraint:
509 # denyAfter YYYY-MM-DD
510 #
511 # UsageConstraint:
512 # usage [TLSServer] [TLSClient] [SignedJAR]
513 #
514 # IncludeProperty:
515 # include <security property>
516 #
517 # The "AlgorithmName" is the standard algorithm name of the disabled
518 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
519 # Documentation" for information about Standard Algorithm Names. Matching
520 # is performed using a case-insensitive sub-element matching rule. (For
521 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
522 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
523 # sub-element of the certificate algorithm name, the algorithm will be
524 # rejected during certification path building and validation. For example,
525 # the assertion algorithm name "DSA" will disable all certificate algorithms
526 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
527 # will not disable algorithms related to "ECDSA".
528 #
529 # The "IncludeProperty" allows a implementation-defined security property that
530 # can be included in the disabledAlgorithms properties. These properties are
531 # to help manage common actions easier across multiple disabledAlgorithm
532 # properties.
533 # There is one defined security property: jdk.disabled.NamedCurves
534 # See the property for more specific details.
535 #
536 #
537 # A "Constraint" defines restrictions on the keys and/or certificates for
538 # a specified AlgorithmName:
539 #
540 # KeySizeConstraint:
541 # keySize Operator KeyLength
542 # The constraint requires a key of a valid size range if the
543 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
544 # the key size specified in number of bits. For example,
545 # "RSA keySize <= 1024" indicates that any RSA key with key size less
546 # than or equal to 1024 bits should be disabled, and
547 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
548 # with key size less than 1024 or greater than 2048 should be disabled.
549 # This constraint is only used on algorithms that have a key size.
550 #
551 # CAConstraint:
552 # jdkCA
553 # This constraint prohibits the specified algorithm only if the
554 # algorithm is used in a certificate chain that terminates at a marked
555 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
556 # constraint is not set, then all chains using the specified algorithm
589 # chain that terminate at a distribution provided trust anchor and contain
590 # RSA keys that are less than or equal to 1024 bits, add the following
591 # constraint: "RSA keySize <= 1024 & jdkCA".
592 #
593 # All DisabledAlgorithms expressions are processed in the order defined in the
594 # property. This requires lower keysize constraints to be specified
595 # before larger keysize constraints of the same algorithm. For example:
596 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
597 #
598 # Note: The algorithm restrictions do not apply to trust anchors or
599 # self-signed certificates.
600 #
601 # Note: This property is currently used by Oracle's PKIX implementation. It
602 # is not guaranteed to be examined and used by other implementations.
603 #
604 # Example:
605 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
606 #
607 #
608 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
609 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
610 include jdk.disabled.namedCurves
611
612 #
613 # Algorithm restrictions for signed JAR files
614 #
615 # In some environments, certain algorithms or key lengths may be undesirable
616 # for signed JAR validation. For example, "MD2" is generally no longer
617 # considered to be a secure hash algorithm. This section describes the
618 # mechanism for disabling algorithms based on algorithm name and/or key length.
619 # JARs signed with any of the disabled algorithms or key sizes will be treated
620 # as unsigned.
621 #
622 # The syntax of the disabled algorithm string is described as follows:
623 # DisabledAlgorithms:
624 # " DisabledAlgorithm { , DisabledAlgorithm } "
625 #
626 # DisabledAlgorithm:
627 # AlgorithmName [Constraint] { '&' Constraint }
628 #
629 # AlgorithmName:
630 # (see below)
633 # KeySizeConstraint | DenyAfterConstraint
634 #
635 # KeySizeConstraint:
636 # keySize Operator KeyLength
637 #
638 # DenyAfterConstraint:
639 # denyAfter YYYY-MM-DD
640 #
641 # Operator:
642 # <= | < | == | != | >= | >
643 #
644 # KeyLength:
645 # Integer value of the algorithm's key length in bits
646 #
647 # Note: This property is currently used by the JDK Reference
648 # implementation. It is not guaranteed to be examined and used by other
649 # implementations.
650 #
651 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
652 #
653 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
654 DSA keySize < 1024, include jdk.disabled.namedCurves
655
656 #
657 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
658 # (SSL/TLS) processing
659 #
660 # In some environments, certain algorithms or key lengths may be undesirable
661 # when using SSL/TLS. This section describes the mechanism for disabling
662 # algorithms during SSL/TLS security parameters negotiation, including
663 # protocol version negotiation, cipher suites selection, peer authentication
664 # and key exchange mechanisms.
665 #
666 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
667 # if they are enabled explicitly in an application.
668 #
669 # For PKI-based peer authentication and key exchange mechanisms, this list
670 # of disabled algorithms will also be checked during certification path
671 # building and validation, including algorithms used in certificates, as
672 # well as revocation information such as CRLs and signed OCSP Responses.
673 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
674 #
675 # See the specification of "jdk.certpath.disabledAlgorithms" for the
676 # syntax of the disabled algorithm string.
677 #
678 # Note: The algorithm restrictions do not apply to trust anchors or
679 # self-signed certificates.
680 #
681 # Note: This property is currently used by the JDK Reference implementation.
682 # It is not guaranteed to be examined and used by other implementations.
683 #
684 # Example:
685 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
686 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
687 EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
688 include jdk.disabled.namedCurves
689
690 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
691 # processing in JSSE implementation.
692 #
693 # In some environments, a certain algorithm may be undesirable but it
694 # cannot be disabled because of its use in legacy applications. Legacy
695 # algorithms may still be supported, but applications should not use them
696 # as the security strength of legacy algorithms are usually not strong enough
697 # in practice.
698 #
699 # During SSL/TLS security parameters negotiation, legacy algorithms will
700 # not be negotiated unless there are no other candidates.
701 #
702 # The syntax of the legacy algorithms string is described as this Java
703 # BNF-style:
704 # LegacyAlgorithms:
705 # " LegacyAlgorithm { , LegacyAlgorithm } "
706 #
707 # LegacyAlgorithm:
708 # AlgorithmName (standard JSSE algorithm name)
|