Differences

This shows you the differences between two versions of the page.

--- computing:java_security [2016/07/07 09:41]
gcooper created
+++ computing:java_security [2017/07/11 09:35] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== Java Security Tweaks ======
+<note tip>If you are trying to use Java in a web browser, **use Internet Explorer as your browser as Firefox no longer supports the Java plugin** for security reasons.</note>
+<note warning>For versions of Java newer than 6, be sure to add the target to the **Exception Site List** of trusted URLs using the **Java Control Panel applet**, under the **Security tab**.</note>
+===== Algorithm constraints check failed: MD5withRSA =====
 Newer versions of Java require an SSL key length of at least 1024, however older apps may not provide that long of a key.
@@ Line 7: / Line 13: @@
 Here, we edit ''$JAVA_HOME/jre/lib/security/java.security'' to reduce the requirement to 512.
-Change ''1024'' to ''512'':
+Change ''1024'' to ''512'', ''256'' or ''128'' as necessary to cover the SSL cert being presented:
 <file>
 jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
+jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
 </file>
@@ Line 17: / Line 25: @@
 <file>
 jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 512
+jdk.tls.disabledAlgorithms=SSLv3, RC4
 </file>

Virtual Architects Support Wiki