718 # If this property is not defined or the value is empty, the underlying JSSE
719 # provider's default group parameter is used for each connection.
720 #
721 # If the property value does not follow the grammar, or a particular group
722 # parameter is not valid, the connection will fall back and use the
723 # underlying JSSE provider's default group parameter.
724 #
725 # Note: This property is currently used by OpenJDK's JSSE implementation. It
726 # is not guaranteed to be examined and used by other implementations.
727 #
728 # Example:
729 # jdk.tls.server.defaultDHEParameters=
730 # { \
731 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
732 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
733 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
734 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
735 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
736 # FFFFFFFF FFFFFFFF, 2}
737
738 #
739 # The policy for the XML Signature secure validation mode. The mode is
740 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
741 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
742 # or by running the code with a SecurityManager.
743 #
744 # Policy:
745 # Constraint {"," Constraint }
746 # Constraint:
747 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
748 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
749 # AlgConstraint
750 # "disallowAlg" Uri
751 # MaxTransformsConstraint:
752 # "maxTransforms" Integer
753 # MaxReferencesConstraint:
754 # "maxReferences" Integer
755 # ReferenceUriSchemeConstraint:
756 # "disallowReferenceUriSchemes" String { String }
757 # KeySizeConstraint:
|
718 # If this property is not defined or the value is empty, the underlying JSSE
719 # provider's default group parameter is used for each connection.
720 #
721 # If the property value does not follow the grammar, or a particular group
722 # parameter is not valid, the connection will fall back and use the
723 # underlying JSSE provider's default group parameter.
724 #
725 # Note: This property is currently used by OpenJDK's JSSE implementation. It
726 # is not guaranteed to be examined and used by other implementations.
727 #
728 # Example:
729 # jdk.tls.server.defaultDHEParameters=
730 # { \
731 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
732 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
733 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
734 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
735 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
736 # FFFFFFFF FFFFFFFF, 2}
737
738 # Cryptographic Jurisdiction Policy defaults
739 #
740 # Due to the import control restrictions of some countries, the default
741 # JCE policy files allow for strong but "limited" cryptographic key
742 # lengths to be used. If your country's cryptographic regulations allow,
743 # the "unlimited" strength policy files can be used instead, which contain
744 # no restrictions on cryptographic strengths.
745 #
746 # YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
747 # TO DETERMINE THE EXACT REQUIREMENTS.
748 #
749 # <java-home> (below) refers to the directory where the JRE was
750 # installed. It is determined based on whether you are running JCE
751 # on a JRE or a JRE contained within the Java Development Kit, or
752 # JDK(TM). The JDK contains the JRE, but at a different level in the
753 # file hierarchy. For example, if the JDK is installed in
754 # /home/user1/jdk1.8.0 on Unix or in C:\jdk1.8.0 on Windows, then
755 # <java-home> is:
756 #
757 # /home/user1/jdk1.8.0/jre [Unix]
758 # C:\jdk1.8.0\jre [Windows]
759 #
760 # If on the other hand the JRE is installed in /home/user1/jre1.8.0
761 # on Unix or in C:\jre1.8.0 on Windows, and the JDK is not
762 # installed, then <java-home> is:
763 #
764 # /home/user1/jre1.8.0 [Unix]
765 # C:\jre1.8.0 [Windows]
766 #
767 # On Windows, for each JDK installation, there may be additional
768 # JREs installed under the "Program Files" directory. Please make
769 # sure that you install the unlimited strength policy JAR files
770 # for all JREs that you plan to use.
771 #
772 # The policy files are jar files organized into subdirectories of
773 # <java-home>/lib/security/policy. Each directory contains a complete
774 # set of policy files.
775 #
776 # The "crypto.policy" Security property controls the directory selection,
777 # and thus the effective cryptographic policy.
778 #
779 # The default set of directories is:
780 #
781 # limited | unlimited
782 #
783 # however other directories can be created and configured.
784 #
785 # To support older JDK Update releases, the crypto.policy property
786 # is not defined by default. When the property is not defined, an
787 # update release binary aware of the new property will use the following
788 # logic to decide what crypto policy files get used :
789 #
790 # * If the US_export_policy.jar and local_policy.jar files are located
791 # in the (legacy) <java-home>/lib/security directory, then the rules
792 # embedded in those jar files will be used. This helps preserve compatibility
793 # for users upgrading from an older installation.
794 #
795 # * If crypto.policy is not defined and no such jar files are present in
796 # the legacy locations, then the JDK will use the limited settings
797 # (equivalent to crypto.policy=limited)
798 #
799 # Please see the JCA documentation for additional information on these
800 # files and formats.
801 #crypto.policy=unlimited
802
803 #
804 # The policy for the XML Signature secure validation mode. The mode is
805 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
806 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
807 # or by running the code with a SecurityManager.
808 #
809 # Policy:
810 # Constraint {"," Constraint }
811 # Constraint:
812 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
813 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
814 # AlgConstraint
815 # "disallowAlg" Uri
816 # MaxTransformsConstraint:
817 # "maxTransforms" Integer
818 # MaxReferencesConstraint:
819 # "maxReferences" Integer
820 # ReferenceUriSchemeConstraint:
821 # "disallowReferenceUriSchemes" String { String }
822 # KeySizeConstraint:
|