Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Can you disable SHA1 with jdk.certpath.disabledAlgorithms?

1805461Jul 7 2016 — edited Jul 8 2016

If I add "SHA256" to jdk.certpath.disabledAlgorithms in java.security, I can no longer create SSL connections to a server with a certificate with a signature algorithm of "SHA256withRSA".


However, if I add "SHA1" to  jdk.certpath.disabledAlgorithms, I can still create SSL connections to a server with a certificate with a signature algorithm of "SHA1withRSA".

I have also tried adding "SHA-1" and "SHA1withRSA", with no luck.


Does anyone know why SHA256 can be disabled in this way, but not SHA1?

This is not just idle curiosity - I am trying to understand what other things might bear on disabling cert algorithms.

(This is jre1.8.0_66.)


Thanks in advance.

Kevin

Comments

EJP
Answer
The same way you compile and execute any other Java program.
Marked as Answer by 866768 · Sep 27 2020
863331
What's your problem? If you which, you can opst some code ....
YoungWinston
ruivale wrote:
What's your problem? If you which, you can opst some code ....
But which code should he opst?

Winston
EJP
What's your problem?
His problem is stated succinctly his question.
If you which, you can opst some code ....
Pointless. The answer is the same for any code.
796440
EJP wrote:
The answer is the same for anycode.
Oh, but it's not. If he starts with MyClass.java, and we tell him 
javac MyClass.java

java -cp . MyClass
then that advice won't work when he creates MyClass2. The poor guy will be left lost and alone, with no clue how to proceed! {noformat};-){noformat}
EJP
OMG you're right!

I need to go back and document how to compile every source file I've written, otherwise somebody might get confused.

Could take a while, I started in 1971.
1 - 6
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Aug 5 2016
Added on Jul 7 2016
#java-secure-socket-extension-jsse
1 comment
3,405 views