If I add "SHA256" to jdk.certpath.disabledAlgorithms in java.security, I can no longer create SSL connections to a server with a certificate with a signature algorithm of "SHA256withRSA".
However, if I add "SHA1" to jdk.certpath.disabledAlgorithms, I can still create SSL connections to a server with a certificate with a signature algorithm of "SHA1withRSA".
I have also tried adding "SHA-1" and "SHA1withRSA", with no luck.
Does anyone know why SHA256 can be disabled in this way, but not SHA1?
This is not just idle curiosity - I am trying to understand what other things might bear on disabling cert algorithms.
(This is jre1.8.0_66.)
Thanks in advance.
Kevin