enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13) (original) (raw)

Seán Coffey sean.coffey at oracle.com
Thu Sep 28 10:05:59 UTC 2017

Check out the Oracle 8u152 early access binaries[1] also. There's a new security property to enable unlimited crypto. No more policy file downloads required! You can simply edit the jre/lib/java.security file to set "crypto.policy" to "unlimited" [2]

8u152 GA had a tentative release date for late October 2017.

[1] http://jdk.java.net/8/ [2] https://bugs.openjdk.java.net/browse/JDK-8157561

regards, Sean.

On 27/09/2017 22:34, Bernd Eckenfels wrote:

You need to install the unrestricted Cryptography policy files for JCE to enable AES255

Gruss Bernd -- http://bernd.eckenfels.net ------------------------------------------------------------------------ From: security-dev <security-dev-bounces at openjdk.java.net> on behalf of Su, Scott Di <Scott-Di.Su at sc.com> Sent: Tuesday, September 26, 2017 7:41:02 AM To: security-dev at openjdk.java.net Subject: enable TLSRSAWITHAES256CBCSHA256 in openJDK(build 1.8.0121-b13) Dear security dev, We are upgrading our app to run it from JDK 5 to JDK 8, and encounter TLSRSAWITHAES256CBCSHA256 not supported error, I have copy JCE download from Oracle website, any change needed to enable it, thanks in advance! Thanks & Regards, Scott

This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may wish to refer to the incorporation details of Standard Chartered PLC, Standard Chartered Bank and their subsidiaries at https://www.sc.com/en/incorporation-details.html

-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20170928/5334a75a/attachment.htm>

More information about the security-dev mailing list