436 # (either a user or service).
437 #
438 # When a client issues an AS or a TGS request, the "canonicalize" option
439 # is set to announce support of this feature. A KDC server may fulfill the
440 # request or reply referring the client to a different one. If referred,
441 # the client will issue a new request and the cycle repeats.
442 #
443 # In addition to referrals, the "canonicalize" option allows the KDC server
444 # to change the client name in response to an AS request. For security reasons,
445 # RFC 6806 (section 11) FAST scheme is enforced.
446 #
447 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
448 # System property (-Dsun.security.krb5.disableReferrals).
449 sun.security.krb5.disableReferrals=false
450
451 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
452 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
453 sun.security.krb5.maxReferrals=5
454
455 #
456 # Algorithm restrictions for certification path (CertPath) processing
457 #
458 # In some environments, certain algorithms or key lengths may be undesirable
459 # for certification path building and validation. For example, "MD2" is
460 # generally no longer considered to be a secure hash algorithm. This section
461 # describes the mechanism for disabling algorithms based on algorithm name
462 # and/or key length. This includes algorithms used in certificates, as well
463 # as revocation information such as CRLs and signed OCSP Responses.
464 # The syntax of the disabled algorithm string is described as follows:
465 # DisabledAlgorithms:
466 # " DisabledAlgorithm { , DisabledAlgorithm } "
467 #
468 # DisabledAlgorithm:
469 # AlgorithmName [Constraint] { '&' Constraint }
470 #
471 # AlgorithmName:
472 # (see below)
473 #
474 # Constraint:
475 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
476 # UsageConstraint
477 #
478 # KeySizeConstraint:
479 # keySize Operator KeyLength
480 #
481 # Operator:
482 # <= | < | == | != | >= | >
483 #
484 # KeyLength:
485 # Integer value of the algorithm's key length in bits
486 #
487 # CAConstraint:
488 # jdkCA
489 #
490 # DenyAfterConstraint:
491 # denyAfter YYYY-MM-DD
492 #
493 # UsageConstraint:
494 # usage [TLSServer] [TLSClient] [SignedJAR]
495 #
496 # The "AlgorithmName" is the standard algorithm name of the disabled
497 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
498 # Documentation" for information about Standard Algorithm Names. Matching
499 # is performed using a case-insensitive sub-element matching rule. (For
500 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
501 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
502 # sub-element of the certificate algorithm name, the algorithm will be
503 # rejected during certification path building and validation. For example,
504 # the assertion algorithm name "DSA" will disable all certificate algorithms
505 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
506 # will not disable algorithms related to "ECDSA".
507 #
508 # A "Constraint" defines restrictions on the keys and/or certificates for
509 # a specified AlgorithmName:
510 #
511 # KeySizeConstraint:
512 # keySize Operator KeyLength
513 # The constraint requires a key of a valid size range if the
514 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
515 # the key size specified in number of bits. For example,
516 # "RSA keySize <= 1024" indicates that any RSA key with key size less
517 # than or equal to 1024 bits should be disabled, and
518 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
519 # with key size less than 1024 or greater than 2048 should be disabled.
520 # This constraint is only used on algorithms that have a key size.
521 #
522 # CAConstraint:
523 # jdkCA
524 # This constraint prohibits the specified algorithm only if the
525 # algorithm is used in a certificate chain that terminates at a marked
526 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
527 # constraint is not set, then all chains using the specified algorithm
560 # chain that terminate at a distribution provided trust anchor and contain
561 # RSA keys that are less than or equal to 1024 bits, add the following
562 # constraint: "RSA keySize <= 1024 & jdkCA".
563 #
564 # All DisabledAlgorithms expressions are processed in the order defined in the
565 # property. This requires lower keysize constraints to be specified
566 # before larger keysize constraints of the same algorithm. For example:
567 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
568 #
569 # Note: The algorithm restrictions do not apply to trust anchors or
570 # self-signed certificates.
571 #
572 # Note: This property is currently used by Oracle's PKIX implementation. It
573 # is not guaranteed to be examined and used by other implementations.
574 #
575 # Example:
576 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
577 #
578 #
579 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
580 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
581
582 #
583 # Algorithm restrictions for signed JAR files
584 #
585 # In some environments, certain algorithms or key lengths may be undesirable
586 # for signed JAR validation. For example, "MD2" is generally no longer
587 # considered to be a secure hash algorithm. This section describes the
588 # mechanism for disabling algorithms based on algorithm name and/or key length.
589 # JARs signed with any of the disabled algorithms or key sizes will be treated
590 # as unsigned.
591 #
592 # The syntax of the disabled algorithm string is described as follows:
593 # DisabledAlgorithms:
594 # " DisabledAlgorithm { , DisabledAlgorithm } "
595 #
596 # DisabledAlgorithm:
597 # AlgorithmName [Constraint] { '&' Constraint }
598 #
599 # AlgorithmName:
600 # (see below)
603 # KeySizeConstraint | DenyAfterConstraint
604 #
605 # KeySizeConstraint:
606 # keySize Operator KeyLength
607 #
608 # DenyAfterConstraint:
609 # denyAfter YYYY-MM-DD
610 #
611 # Operator:
612 # <= | < | == | != | >= | >
613 #
614 # KeyLength:
615 # Integer value of the algorithm's key length in bits
616 #
617 # Note: This property is currently used by the JDK Reference
618 # implementation. It is not guaranteed to be examined and used by other
619 # implementations.
620 #
621 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
622 #
623 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
624
625 #
626 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
627 # (SSL/TLS) processing
628 #
629 # In some environments, certain algorithms or key lengths may be undesirable
630 # when using SSL/TLS. This section describes the mechanism for disabling
631 # algorithms during SSL/TLS security parameters negotiation, including
632 # protocol version negotiation, cipher suites selection, peer authentication
633 # and key exchange mechanisms.
634 #
635 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
636 # if they are enabled explicitly in an application.
637 #
638 # For PKI-based peer authentication and key exchange mechanisms, this list
639 # of disabled algorithms will also be checked during certification path
640 # building and validation, including algorithms used in certificates, as
641 # well as revocation information such as CRLs and signed OCSP Responses.
642 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
643 #
644 # See the specification of "jdk.certpath.disabledAlgorithms" for the
645 # syntax of the disabled algorithm string.
646 #
647 # Note: The algorithm restrictions do not apply to trust anchors or
648 # self-signed certificates.
649 #
650 # Note: This property is currently used by the JDK Reference implementation.
651 # It is not guaranteed to be examined and used by other implementations.
652 #
653 # Example:
654 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
655 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
656 EC keySize < 224, 3DES_EDE_CBC, anon, NULL
657
658 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
659 # processing in JSSE implementation.
660 #
661 # In some environments, a certain algorithm may be undesirable but it
662 # cannot be disabled because of its use in legacy applications. Legacy
663 # algorithms may still be supported, but applications should not use them
664 # as the security strength of legacy algorithms are usually not strong enough
665 # in practice.
666 #
667 # During SSL/TLS security parameters negotiation, legacy algorithms will
668 # not be negotiated unless there are no other candidates.
669 #
670 # The syntax of the legacy algorithms string is described as this Java
671 # BNF-style:
672 # LegacyAlgorithms:
673 # " LegacyAlgorithm { , LegacyAlgorithm } "
674 #
675 # LegacyAlgorithm:
676 # AlgorithmName (standard JSSE algorithm name)
|
436 # (either a user or service).
437 #
438 # When a client issues an AS or a TGS request, the "canonicalize" option
439 # is set to announce support of this feature. A KDC server may fulfill the
440 # request or reply referring the client to a different one. If referred,
441 # the client will issue a new request and the cycle repeats.
442 #
443 # In addition to referrals, the "canonicalize" option allows the KDC server
444 # to change the client name in response to an AS request. For security reasons,
445 # RFC 6806 (section 11) FAST scheme is enforced.
446 #
447 # Disable Kerberos cross-realm referrals. Value may be overwritten with a
448 # System property (-Dsun.security.krb5.disableReferrals).
449 sun.security.krb5.disableReferrals=false
450
451 # Maximum number of AS or TGS referrals to avoid infinite loops. Value may
452 # be overwritten with a System property (-Dsun.security.krb5.maxReferrals).
453 sun.security.krb5.maxReferrals=5
454
455 #
456 # This property contains a list of disabled EC Named Curves that can be included
457 # in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this
458 # list in any of the disabledAlgorithms properties, add the property name as
459 # an entry.
460 jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \
461 secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \
462 secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \
463 sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \
464 sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \
465 sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \
466 X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \
467 X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \
468 X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \
469 brainpoolP320r1, brainpoolP384r1, brainpoolP512r1
470
471 #
472 # Algorithm restrictions for certification path (CertPath) processing
473 #
474 # In some environments, certain algorithms or key lengths may be undesirable
475 # for certification path building and validation. For example, "MD2" is
476 # generally no longer considered to be a secure hash algorithm. This section
477 # describes the mechanism for disabling algorithms based on algorithm name
478 # and/or key length. This includes algorithms used in certificates, as well
479 # as revocation information such as CRLs and signed OCSP Responses.
480 # The syntax of the disabled algorithm string is described as follows:
481 # DisabledAlgorithms:
482 # " DisabledAlgorithm { , DisabledAlgorithm } "
483 #
484 # DisabledAlgorithm:
485 # AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty
486 #
487 # AlgorithmName:
488 # (see below)
489 #
490 # Constraint:
491 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
492 # UsageConstraint
493 #
494 # KeySizeConstraint:
495 # keySize Operator KeyLength
496 #
497 # Operator:
498 # <= | < | == | != | >= | >
499 #
500 # KeyLength:
501 # Integer value of the algorithm's key length in bits
502 #
503 # CAConstraint:
504 # jdkCA
505 #
506 # DenyAfterConstraint:
507 # denyAfter YYYY-MM-DD
508 #
509 # UsageConstraint:
510 # usage [TLSServer] [TLSClient] [SignedJAR]
511 #
512 # IncludeProperty:
513 # include <security property>
514 #
515 # The "AlgorithmName" is the standard algorithm name of the disabled
516 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
517 # Documentation" for information about Standard Algorithm Names. Matching
518 # is performed using a case-insensitive sub-element matching rule. (For
519 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
520 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
521 # sub-element of the certificate algorithm name, the algorithm will be
522 # rejected during certification path building and validation. For example,
523 # the assertion algorithm name "DSA" will disable all certificate algorithms
524 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
525 # will not disable algorithms related to "ECDSA".
526 #
527 # The "IncludeProperty" allows a implementation-defined security property that
528 # can be included in the disabledAlgorithms properties. These properties are
529 # to help manage common actions easier across multiple disabledAlgorithm
530 # properties.
531 # There is one defined security property: jdk.disabled.NamedCurves
532 # See the property for more specific details.
533 #
534 #
535 # A "Constraint" defines restrictions on the keys and/or certificates for
536 # a specified AlgorithmName:
537 #
538 # KeySizeConstraint:
539 # keySize Operator KeyLength
540 # The constraint requires a key of a valid size range if the
541 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
542 # the key size specified in number of bits. For example,
543 # "RSA keySize <= 1024" indicates that any RSA key with key size less
544 # than or equal to 1024 bits should be disabled, and
545 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
546 # with key size less than 1024 or greater than 2048 should be disabled.
547 # This constraint is only used on algorithms that have a key size.
548 #
549 # CAConstraint:
550 # jdkCA
551 # This constraint prohibits the specified algorithm only if the
552 # algorithm is used in a certificate chain that terminates at a marked
553 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
554 # constraint is not set, then all chains using the specified algorithm
587 # chain that terminate at a distribution provided trust anchor and contain
588 # RSA keys that are less than or equal to 1024 bits, add the following
589 # constraint: "RSA keySize <= 1024 & jdkCA".
590 #
591 # All DisabledAlgorithms expressions are processed in the order defined in the
592 # property. This requires lower keysize constraints to be specified
593 # before larger keysize constraints of the same algorithm. For example:
594 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
595 #
596 # Note: The algorithm restrictions do not apply to trust anchors or
597 # self-signed certificates.
598 #
599 # Note: This property is currently used by Oracle's PKIX implementation. It
600 # is not guaranteed to be examined and used by other implementations.
601 #
602 # Example:
603 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
604 #
605 #
606 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
607 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
608 include jdk.disabled.namedCurves
609
610 #
611 # Algorithm restrictions for signed JAR files
612 #
613 # In some environments, certain algorithms or key lengths may be undesirable
614 # for signed JAR validation. For example, "MD2" is generally no longer
615 # considered to be a secure hash algorithm. This section describes the
616 # mechanism for disabling algorithms based on algorithm name and/or key length.
617 # JARs signed with any of the disabled algorithms or key sizes will be treated
618 # as unsigned.
619 #
620 # The syntax of the disabled algorithm string is described as follows:
621 # DisabledAlgorithms:
622 # " DisabledAlgorithm { , DisabledAlgorithm } "
623 #
624 # DisabledAlgorithm:
625 # AlgorithmName [Constraint] { '&' Constraint }
626 #
627 # AlgorithmName:
628 # (see below)
631 # KeySizeConstraint | DenyAfterConstraint
632 #
633 # KeySizeConstraint:
634 # keySize Operator KeyLength
635 #
636 # DenyAfterConstraint:
637 # denyAfter YYYY-MM-DD
638 #
639 # Operator:
640 # <= | < | == | != | >= | >
641 #
642 # KeyLength:
643 # Integer value of the algorithm's key length in bits
644 #
645 # Note: This property is currently used by the JDK Reference
646 # implementation. It is not guaranteed to be examined and used by other
647 # implementations.
648 #
649 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
650 #
651 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
652 DSA keySize < 1024, include jdk.disabled.namedCurves
653
654 #
655 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
656 # (SSL/TLS) processing
657 #
658 # In some environments, certain algorithms or key lengths may be undesirable
659 # when using SSL/TLS. This section describes the mechanism for disabling
660 # algorithms during SSL/TLS security parameters negotiation, including
661 # protocol version negotiation, cipher suites selection, peer authentication
662 # and key exchange mechanisms.
663 #
664 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
665 # if they are enabled explicitly in an application.
666 #
667 # For PKI-based peer authentication and key exchange mechanisms, this list
668 # of disabled algorithms will also be checked during certification path
669 # building and validation, including algorithms used in certificates, as
670 # well as revocation information such as CRLs and signed OCSP Responses.
671 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
672 #
673 # See the specification of "jdk.certpath.disabledAlgorithms" for the
674 # syntax of the disabled algorithm string.
675 #
676 # Note: The algorithm restrictions do not apply to trust anchors or
677 # self-signed certificates.
678 #
679 # Note: This property is currently used by the JDK Reference implementation.
680 # It is not guaranteed to be examined and used by other implementations.
681 #
682 # Example:
683 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
684 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
685 EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
686 include jdk.disabled.namedCurves
687
688 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
689 # processing in JSSE implementation.
690 #
691 # In some environments, a certain algorithm may be undesirable but it
692 # cannot be disabled because of its use in legacy applications. Legacy
693 # algorithms may still be supported, but applications should not use them
694 # as the security strength of legacy algorithms are usually not strong enough
695 # in practice.
696 #
697 # During SSL/TLS security parameters negotiation, legacy algorithms will
698 # not be negotiated unless there are no other candidates.
699 #
700 # The syntax of the legacy algorithms string is described as this Java
701 # BNF-style:
702 # LegacyAlgorithms:
703 # " LegacyAlgorithm { , LegacyAlgorithm } "
704 #
705 # LegacyAlgorithm:
706 # AlgorithmName (standard JSSE algorithm name)
|