721 # If this property is not defined or the value is empty, the underlying JSSE
722 # provider's default group parameter is used for each connection.
723 #
724 # If the property value does not follow the grammar, or a particular group
725 # parameter is not valid, the connection will fall back and use the
726 # underlying JSSE provider's default group parameter.
727 #
728 # Note: This property is currently used by OpenJDK's JSSE implementation. It
729 # is not guaranteed to be examined and used by other implementations.
730 #
731 # Example:
732 # jdk.tls.server.defaultDHEParameters=
733 # { \
734 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
735 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
736 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
737 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
738 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
739 # FFFFFFFF FFFFFFFF, 2}
740
741 #
742 # The policy for the XML Signature secure validation mode. The mode is
743 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
744 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
745 # or by running the code with a SecurityManager.
746 #
747 # Policy:
748 # Constraint {"," Constraint }
749 # Constraint:
750 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
751 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
752 # AlgConstraint
753 # "disallowAlg" Uri
754 # MaxTransformsConstraint:
755 # "maxTransforms" Integer
756 # MaxReferencesConstraint:
757 # "maxReferences" Integer
758 # ReferenceUriSchemeConstraint:
759 # "disallowReferenceUriSchemes" String { String }
760 # KeySizeConstraint:
|
721 # If this property is not defined or the value is empty, the underlying JSSE
722 # provider's default group parameter is used for each connection.
723 #
724 # If the property value does not follow the grammar, or a particular group
725 # parameter is not valid, the connection will fall back and use the
726 # underlying JSSE provider's default group parameter.
727 #
728 # Note: This property is currently used by OpenJDK's JSSE implementation. It
729 # is not guaranteed to be examined and used by other implementations.
730 #
731 # Example:
732 # jdk.tls.server.defaultDHEParameters=
733 # { \
734 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
735 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
736 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
737 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
738 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
739 # FFFFFFFF FFFFFFFF, 2}
740
741 # Cryptographic Jurisdiction Policy defaults
742 #
743 # Due to the import control restrictions of some countries, the default
744 # JCE policy files allow for strong but "limited" cryptographic key
745 # lengths to be used. If your country's cryptographic regulations allow,
746 # the "unlimited" strength policy files can be used instead, which contain
747 # no restrictions on cryptographic strengths.
748 #
749 # YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
750 # TO DETERMINE THE EXACT REQUIREMENTS.
751 #
752 # <java-home> (below) refers to the directory where the JRE was
753 # installed. It is determined based on whether you are running JCE
754 # on a JRE or a JRE contained within the Java Development Kit, or
755 # JDK(TM). The JDK contains the JRE, but at a different level in the
756 # file hierarchy. For example, if the JDK is installed in
757 # /home/user1/jdk1.8.0 on Unix or in C:\jdk1.8.0 on Windows, then
758 # <java-home> is:
759 #
760 # /home/user1/jdk1.8.0/jre [Unix]
761 # C:\jdk1.8.0\jre [Windows]
762 #
763 # If on the other hand the JRE is installed in /home/user1/jre1.8.0
764 # on Unix or in C:\jre1.8.0 on Windows, and the JDK is not
765 # installed, then <java-home> is:
766 #
767 # /home/user1/jre1.8.0 [Unix]
768 # C:\jre1.8.0 [Windows]
769 #
770 # On Windows, for each JDK installation, there may be additional
771 # JREs installed under the "Program Files" directory. Please make
772 # sure that you install the unlimited strength policy JAR files
773 # for all JREs that you plan to use.
774 #
775 # The policy files are jar files organized into subdirectories of
776 # <java-home>/lib/security/policy. Each directory contains a complete
777 # set of policy files.
778 #
779 # The "crypto.policy" Security property controls the directory selection,
780 # and thus the effective cryptographic policy.
781 #
782 # The default set of directories is:
783 #
784 # limited | unlimited
785 #
786 # however other directories can be created and configured.
787 #
788 # To support older JDK Update releases, the crypto.policy property
789 # is not defined by default. When the property is not defined, an
790 # update release binary aware of the new property will use the following
791 # logic to decide what crypto policy files get used :
792 #
793 # * If the US_export_policy.jar and local_policy.jar files are located
794 # in the (legacy) <java-home>/lib/security directory, then the rules
795 # embedded in those jar files will be used. This helps preserve compatibility
796 # for users upgrading from an older installation.
797 #
798 # * If crypto.policy is not defined and no such jar files are present in
799 # the legacy locations, then the JDK will use the limited settings
800 # (equivalent to crypto.policy=limited)
801 #
802 # Please see the JCA documentation for additional information on these
803 # files and formats.
804 #crypto.policy=unlimited
805
806 #
807 # The policy for the XML Signature secure validation mode. The mode is
808 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
809 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
810 # or by running the code with a SecurityManager.
811 #
812 # Policy:
813 # Constraint {"," Constraint }
814 # Constraint:
815 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
816 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
817 # AlgConstraint
818 # "disallowAlg" Uri
819 # MaxTransformsConstraint:
820 # "maxTransforms" Integer
821 # MaxReferencesConstraint:
822 # "maxReferences" Integer
823 # ReferenceUriSchemeConstraint:
824 # "disallowReferenceUriSchemes" String { String }
825 # KeySizeConstraint:
|