720 # If this property is not defined or the value is empty, the underlying JSSE
721 # provider's default group parameter is used for each connection.
722 #
723 # If the property value does not follow the grammar, or a particular group
724 # parameter is not valid, the connection will fall back and use the
725 # underlying JSSE provider's default group parameter.
726 #
727 # Note: This property is currently used by OpenJDK's JSSE implementation. It
728 # is not guaranteed to be examined and used by other implementations.
729 #
730 # Example:
731 # jdk.tls.server.defaultDHEParameters=
732 # { \
733 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
734 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
735 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
736 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
737 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
738 # FFFFFFFF FFFFFFFF, 2}
739
740 #
741 # The policy for the XML Signature secure validation mode. The mode is
742 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
743 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
744 # or by running the code with a SecurityManager.
745 #
746 # Policy:
747 # Constraint {"," Constraint }
748 # Constraint:
749 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
750 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
751 # AlgConstraint
752 # "disallowAlg" Uri
753 # MaxTransformsConstraint:
754 # "maxTransforms" Integer
755 # MaxReferencesConstraint:
756 # "maxReferences" Integer
757 # ReferenceUriSchemeConstraint:
758 # "disallowReferenceUriSchemes" String { String }
759 # KeySizeConstraint:
|
720 # If this property is not defined or the value is empty, the underlying JSSE
721 # provider's default group parameter is used for each connection.
722 #
723 # If the property value does not follow the grammar, or a particular group
724 # parameter is not valid, the connection will fall back and use the
725 # underlying JSSE provider's default group parameter.
726 #
727 # Note: This property is currently used by OpenJDK's JSSE implementation. It
728 # is not guaranteed to be examined and used by other implementations.
729 #
730 # Example:
731 # jdk.tls.server.defaultDHEParameters=
732 # { \
733 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
734 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
735 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
736 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
737 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
738 # FFFFFFFF FFFFFFFF, 2}
739
740 # Cryptographic Jurisdiction Policy defaults
741 #
742 # Due to the import control restrictions of some countries, the default
743 # JCE policy files allow for strong but "limited" cryptographic key
744 # lengths to be used. If your country's cryptographic regulations allow,
745 # the "unlimited" strength policy files can be used instead, which contain
746 # no restrictions on cryptographic strengths.
747 #
748 # YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
749 # TO DETERMINE THE EXACT REQUIREMENTS.
750 #
751 # <java-home> (below) refers to the directory where the JRE was
752 # installed. It is determined based on whether you are running JCE
753 # on a JRE or a JRE contained within the Java Development Kit, or
754 # JDK(TM). The JDK contains the JRE, but at a different level in the
755 # file hierarchy. For example, if the JDK is installed in
756 # /home/user1/jdk1.8.0 on Unix or in C:\jdk1.8.0 on Windows, then
757 # <java-home> is:
758 #
759 # /home/user1/jdk1.8.0/jre [Unix]
760 # C:\jdk1.8.0\jre [Windows]
761 #
762 # If on the other hand the JRE is installed in /home/user1/jre1.8.0
763 # on Unix or in C:\jre1.8.0 on Windows, and the JDK is not
764 # installed, then <java-home> is:
765 #
766 # /home/user1/jre1.8.0 [Unix]
767 # C:\jre1.8.0 [Windows]
768 #
769 # On Windows, for each JDK installation, there may be additional
770 # JREs installed under the "Program Files" directory. Please make
771 # sure that you install the unlimited strength policy JAR files
772 # for all JREs that you plan to use.
773 #
774 # The policy files are jar files organized into subdirectories of
775 # <java-home>/lib/security/policy. Each directory contains a complete
776 # set of policy files.
777 #
778 # The "crypto.policy" Security property controls the directory selection,
779 # and thus the effective cryptographic policy.
780 #
781 # The default set of directories is:
782 #
783 # limited | unlimited
784 #
785 # however other directories can be created and configured.
786 #
787 # To support older JDK Update releases, the crypto.policy property
788 # is not defined by default. When the property is not defined, an
789 # update release binary aware of the new property will use the following
790 # logic to decide what crypto policy files get used :
791 #
792 # * If the US_export_policy.jar and local_policy.jar files are located
793 # in the (legacy) <java-home>/lib/security directory, then the rules
794 # embedded in those jar files will be used. This helps preserve compatibility
795 # for users upgrading from an older installation.
796 #
797 # * If crypto.policy is not defined and no such jar files are present in
798 # the legacy locations, then the JDK will use the limited settings
799 # (equivalent to crypto.policy=limited)
800 #
801 # Please see the JCA documentation for additional information on these
802 # files and formats.
803 #crypto.policy=unlimited
804
805 #
806 # The policy for the XML Signature secure validation mode. The mode is
807 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
808 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
809 # or by running the code with a SecurityManager.
810 #
811 # Policy:
812 # Constraint {"," Constraint }
813 # Constraint:
814 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
815 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
816 # AlgConstraint
817 # "disallowAlg" Uri
818 # MaxTransformsConstraint:
819 # "maxTransforms" Integer
820 # MaxReferencesConstraint:
821 # "maxReferences" Integer
822 # ReferenceUriSchemeConstraint:
823 # "disallowReferenceUriSchemes" String { String }
824 # KeySizeConstraint:
|