2 # This is the "master security properties file".
4 # An alternate java.security properties file may be specified
5 # from the command line via the system property
7 # -Djava.security.properties=<URL>
9 # This properties file appends to the master security properties file.
10 # If both properties files specify values for the same key, the value
11 # from the command-line properties file is selected, as it is the last
14 # Also, if you specify
16 # -Djava.security.properties==<URL> (2 equals),
18 # then that properties file completely overrides the master security
21 # To disable the ability to specify an additional properties file from
22 # the command line, set the key security.overridePropertiesFile
23 # to false in the master security properties file. It is set to true
26 # In this file, various security properties are set for use by
27 # java.security classes. This is where users can statically register
28 # Cryptography Package Providers ("providers" for short). The term
29 # "provider" refers to a package or set of packages that supply a
30 # concrete implementation of a subset of the cryptography aspects of
31 # the Java Security API. A provider may, for example, implement one or
32 # more digital signature algorithms or message digest algorithms.
34 # Each provider must implement a subclass of the Provider class.
35 # To register a provider in this master security properties file,
36 # specify the provider and priority in the format
38 # security.provider.<n>=<provName | className>
40 # This declares a provider, and specifies its preference
41 # order n. The preference order is the order in which providers are
42 # searched for requested algorithms (when no specific provider is
43 # requested). The order is 1-based; 1 is the most preferred, followed
46 # <provName> must specify the name of the Provider as passed to its super
47 # class java.security.Provider constructor. This is for providers loaded
48 # through the ServiceLoader mechanism.
50 # <className> must specify the subclass of the Provider class whose
51 # constructor sets the values of various properties that are required
52 # for the Java Security API to look up the algorithms or other
53 # facilities implemented by the provider. This is for providers loaded
56 # Note: Providers can be dynamically registered instead by calls to
57 # either the addProvider or insertProviderAt method in the Security
61 # List of providers and their preference orders (see above):
63 security.provider.1=SUN
64 security.provider.2=SunRsaSign
65 security.provider.3=SunEC
66 security.provider.4=SunJSSE
67 security.provider.5=SunJCE
68 security.provider.6=SunJGSS
69 security.provider.7=SunSASL
70 security.provider.8=XMLDSig
71 security.provider.9=SunPCSC
72 security.provider.10=JdkLDAP
73 security.provider.11=JdkSASL
74 security.provider.12=SunPKCS11
77 # A list of preferred providers for specific algorithms. These providers will
78 # be searched for matching algorithms before the list of registered providers.
79 # Entries containing errors (parsing, etc) will be ignored. Use the
80 # -Djava.security.debug=jca property to debug these errors.
82 # The property is a comma-separated list of serviceType.algorithm:provider
83 # entries. The serviceType (example: "MessageDigest") is optional, and if
84 # not specified, the algorithm applies to all service types that support it.
85 # The algorithm is the standard algorithm name or transformation.
86 # Transformations can be specified in their full standard name
87 # (ex: AES/CBC/PKCS5Padding), or as partial matches (ex: AES, AES/CBC).
88 # The provider is the name of the provider. Any provider that does not
89 # also appear in the registered list will be ignored.
91 # There is a special serviceType for this property only to group a set of
92 # algorithms together. The type is "Group" and is followed by an algorithm
93 # keyword. Groups are to simplify and lessen the entries on the property
94 # line. Current groups are:
95 # Group.SHA2 = SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
96 # Group.HmacSHA2 = HmacSHA224, HmacSHA256, HmacSHA384, HmacSHA512
97 # Group.SHA2RSA = SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA
98 # Group.SHA2DSA = SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA
99 # Group.SHA2ECDSA = SHA224withECDSA, SHA256withECDSA, SHA384withECDSA, \
101 # Group.SHA3 = SHA3-224, SHA3-256, SHA3-384, SHA3-512
102 # Group.HmacSHA3 = HmacSHA3-224, HmacSHA3-256, HmacSHA3-384, HmacSHA3-512
105 # jdk.security.provider.preferred=AES/GCM/NoPadding:SunJCE, \
106 # MessageDigest.SHA-256:SUN, Group.HmacSHA2:SunJCE
108 #jdk.security.provider.preferred=
112 # Sun Provider SecureRandom seed source.
114 # Select the primary source of seed data for the "NativePRNG", "SHA1PRNG"
115 # and "DRBG" SecureRandom implementations in the "Sun" provider.
116 # (Other SecureRandom implementations might also use this property.)
118 # On Unix-like systems (for example, Solaris/Linux/MacOS), the
119 # "NativePRNG", "SHA1PRNG" and "DRBG" implementations obtains seed data from
120 # special device files such as file:/dev/random.
122 # On Windows systems, specifying the URLs "file:/dev/random" or
123 # "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
124 # mechanism for SHA1PRNG and DRBG.
126 # By default, an attempt is made to use the entropy gathering device
127 # specified by the "securerandom.source" Security property. If an
128 # exception occurs while accessing the specified URL:
131 # a default value of /dev/random will be used. If neither
132 # are available, the implementation will be disabled.
133 # "file" is the only currently supported protocol type.
136 # the traditional system/thread activity algorithm will be used.
138 # The entropy gathering device can also be specified with the System
139 # property "java.security.egd". For example:
141 # % java -Djava.security.egd=file:/dev/random MainClass
143 # Specifying this System property will override the
144 # "securerandom.source" Security property.
146 # In addition, if "file:/dev/random" or "file:/dev/urandom" is
147 # specified, the "NativePRNG" implementation will be more preferred than
148 # DRBG and SHA1PRNG in the Sun provider.
150 securerandom.source=file:/dev/random
153 # A list of known strong SecureRandom implementations.
155 # To help guide applications in selecting a suitable strong
156 # java.security.SecureRandom implementation, Java distributions should
157 # indicate a list of known strong implementations using the property.
159 # This is a comma-separated list of algorithm and/or algorithm:provider
162 securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN
165 # Sun provider DRBG configuration and default instantiation request.
167 # NIST SP 800-90Ar1 lists several DRBG mechanisms. Each can be configured
168 # with a DRBG algorithm name, and can be instantiated with a security strength,
169 # prediction resistance support, etc. This property defines the configuration
170 # and the default instantiation request of "DRBG" SecureRandom implementations
171 # in the SUN provider. (Other DRBG implementations can also use this property.)
172 # Applications can request different instantiation parameters like security
173 # strength, capability, personalization string using one of the
174 # getInstance(...,SecureRandomParameters,...) methods with a
175 # DrbgParameters.Instantiation argument, but other settings such as the
176 # mechanism and DRBG algorithm names are not currently configurable by any API.
178 # Please note that the SUN implementation of DRBG always supports reseeding.
180 # The value of this property is a comma-separated list of all configurable
181 # aspects. The aspects can appear in any order but the same aspect can only
182 # appear at most once. Its BNF-style definition is:
185 # aspect { "," aspect }
188 # mech_name | algorithm_name | strength | capability | df
190 # // The DRBG mechanism to use. Default "Hash_DRBG"
192 # "Hash_DRBG" | "HMAC_DRBG" | "CTR_DRBG"
194 # // The DRBG algorithm name. The "SHA-***" names are for Hash_DRBG and
195 # // HMAC_DRBG, default "SHA-256". The "AES-***" names are for CTR_DRBG,
196 # // default "AES-128" when using the limited cryptographic or "AES-256"
197 # // when using the unlimited.
199 # "SHA-224" | "SHA-512/224" | "SHA-256" |
200 # "SHA-512/256" | "SHA-384" | "SHA-512" |
201 # "AES-128" | "AES-192" | "AES-256"
203 # // Security strength requested. Default "128"
205 # "112" | "128" | "192" | "256"
207 # // Prediction resistance and reseeding request. Default "none"
208 # // "pr_and_reseed" - Both prediction resistance and reseeding
209 # // support requested
210 # // "reseed_only" - Only reseeding support requested
211 # // "none" - Neither prediction resistance not reseeding
212 # // support requested
214 # "pr_and_reseed" | "reseed_only" | "none"
216 # // Whether a derivation function should be used. only applicable
217 # // to CTR_DRBG. Default "use_df"
222 # securerandom.drbg.config=Hash_DRBG,SHA-224,112,none
223 # securerandom.drbg.config=CTR_DRBG,AES-256,192,pr_and_reseed,use_df
225 # The default value is an empty string, which is equivalent to
226 # securerandom.drbg.config=Hash_DRBG,SHA-256,128,none
228 securerandom.drbg.config=
231 # Class to instantiate as the javax.security.auth.login.Configuration
234 login.configuration.provider=sun.security.provider.ConfigFile
237 # Default login configuration file
239 #login.config.url.1=file:${user.home}/.java.login.config
242 # Class to instantiate as the system Policy. This is the name of the class
243 # that will be used as the Policy object. The system class loader is used to
246 policy.provider=sun.security.provider.PolicyFile
248 # The default is to have a single system-wide policy file,
249 # and a policy file in the user's home directory.
251 policy.url.1=file:${java.home}/conf/security/java.policy
252 policy.url.2=file:${user.home}/.java.policy
254 # whether or not we expand properties in the policy file
255 # if this is set to false, properties (${...}) will not be expanded in policy
258 policy.expandProperties=true
260 # whether or not we allow an extra policy to be passed on the command line
261 # with -Djava.security.policy=somefile. Comment out this line to disable
264 policy.allowSystemProperty=true
266 # whether or not we look into the IdentityScope for trusted Identities
267 # when encountering a 1.1 signed JAR file. If the identity is found
268 # and is trusted, we grant it AllPermission. Note: the default policy
269 # provider (sun.security.provider.PolicyFile) does not support this property.
271 policy.ignoreIdentityScope=false
274 # Default keystore type.
279 # Controls compatibility mode for JKS and PKCS12 keystore types.
281 # When set to 'true', both JKS and PKCS12 keystore types support loading
282 # keystore files in either JKS or PKCS12 format. When set to 'false' the
283 # JKS keystore type supports loading only JKS keystore files and the PKCS12
284 # keystore type supports loading only PKCS12 keystore files.
286 keystore.type.compat=true
289 # List of comma-separated packages that start with or equal this string
290 # will cause a security exception to be thrown when passed to the
291 # SecurityManager::checkPackageAccess method unless the corresponding
292 # RuntimePermission("accessClassInPackage."+package) has been granted.
294 package.access=sun.misc.,\
298 # List of comma-separated packages that start with or equal this string
299 # will cause a security exception to be thrown when passed to the
300 # SecurityManager::checkPackageDefinition method unless the corresponding
301 # RuntimePermission("defineClassInPackage."+package) has been granted.
303 # By default, none of the class loaders supplied with the JDK call
304 # checkPackageDefinition.
306 package.definition=sun.misc.,\
310 # Determines whether this properties file can be appended to
311 # or overridden on the command line via -Djava.security.properties
313 security.overridePropertiesFile=true
316 # Determines the default key and trust manager factory algorithms for
317 # the javax.net.ssl package.
319 ssl.KeyManagerFactory.algorithm=SunX509
320 ssl.TrustManagerFactory.algorithm=PKIX
323 # The Java-level namelookup cache policy for successful lookups:
325 # any negative value: caching forever
326 # any positive value: the number of seconds to cache an address for
329 # default value is forever (FOREVER). For security reasons, this
330 # caching is made forever when a security manager is set. When a security
331 # manager is not set, the default behavior in this implementation
332 # is to cache for 30 seconds.
334 # NOTE: setting this to anything other than the default value can have
335 # serious security implications. Do not set it unless
336 # you are sure you are not exposed to DNS spoofing attack.
338 #networkaddress.cache.ttl=-1
340 # The Java-level namelookup cache policy for failed lookups:
342 # any negative value: cache forever
343 # any positive value: the number of seconds to cache negative lookup results
346 # In some Microsoft Windows networking environments that employ
347 # the WINS name service in addition to DNS, name service lookups
348 # that fail may take a noticeably long time to return (approx. 5 seconds).
349 # For this reason the default caching policy is to maintain these
350 # results for 10 seconds.
352 networkaddress.cache.negative.ttl=10
355 # Properties to configure OCSP for certificate revocation checking
360 # By default, OCSP is not used for certificate revocation checking.
361 # This property enables the use of OCSP when set to the value "true".
363 # NOTE: SocketPermission is required to connect to an OCSP responder.
369 # Location of the OCSP responder
371 # By default, the location of the OCSP responder is determined implicitly
372 # from the certificate being validated. This property explicitly specifies
373 # the location of the OCSP responder. The property is used when the
374 # Authority Information Access extension (defined in RFC 5280) is absent
375 # from the certificate or when it requires overriding.
378 # ocsp.responderURL=http://ocsp.example.net:80
381 # Subject name of the OCSP responder's certificate
383 # By default, the certificate of the OCSP responder is that of the issuer
384 # of the certificate being validated. This property identifies the certificate
385 # of the OCSP responder when the default does not apply. Its value is a string
386 # distinguished name (defined in RFC 2253) which identifies a certificate in
387 # the set of certificates supplied during cert path validation. In cases where
388 # the subject name alone is not sufficient to uniquely identify the certificate
389 # then both the "ocsp.responderCertIssuerName" and
390 # "ocsp.responderCertSerialNumber" properties must be used instead. When this
391 # property is set then those two properties are ignored.
394 # ocsp.responderCertSubjectName=CN=OCSP Responder, O=XYZ Corp
397 # Issuer name of the OCSP responder's certificate
399 # By default, the certificate of the OCSP responder is that of the issuer
400 # of the certificate being validated. This property identifies the certificate
401 # of the OCSP responder when the default does not apply. Its value is a string
402 # distinguished name (defined in RFC 2253) which identifies a certificate in
403 # the set of certificates supplied during cert path validation. When this
404 # property is set then the "ocsp.responderCertSerialNumber" property must also
405 # be set. When the "ocsp.responderCertSubjectName" property is set then this
406 # property is ignored.
409 # ocsp.responderCertIssuerName=CN=Enterprise CA, O=XYZ Corp
412 # Serial number of the OCSP responder's certificate
414 # By default, the certificate of the OCSP responder is that of the issuer
415 # of the certificate being validated. This property identifies the certificate
416 # of the OCSP responder when the default does not apply. Its value is a string
417 # of hexadecimal digits (colon or space separators may be present) which
418 # identifies a certificate in the set of certificates supplied during cert path
419 # validation. When this property is set then the "ocsp.responderCertIssuerName"
420 # property must also be set. When the "ocsp.responderCertSubjectName" property
421 # is set then this property is ignored.
424 # ocsp.responderCertSerialNumber=2A:FF:00
427 # Policy for failed Kerberos KDC lookups:
429 # When a KDC is unavailable (network error, service failure, etc), it is
430 # put inside a blacklist and accessed less often for future requests. The
431 # value (case-insensitive) for this policy can be:
434 # KDCs in the blacklist are always tried after those not on the list.
436 # tryLess[:max_retries,timeout]
437 # KDCs in the blacklist are still tried by their order in the configuration,
438 # but with smaller max_retries and timeout values. max_retries and timeout
439 # are optional numerical parameters (default 1 and 5000, which means once
440 # and 5 seconds). Please notes that if any of the values defined here is
441 # more than what is defined in krb5.conf, it will be ignored.
443 # Whenever a KDC is detected as available, it is removed from the blacklist.
444 # The blacklist is reset when krb5.conf is reloaded. You can add
445 # refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
446 # reloaded whenever a JAAS authentication is attempted.
449 # krb5.kdc.bad.policy = tryLast
450 # krb5.kdc.bad.policy = tryLess:2,2000
452 krb5.kdc.bad.policy = tryLast
455 # Algorithm restrictions for certification path (CertPath) processing
457 # In some environments, certain algorithms or key lengths may be undesirable
458 # for certification path building and validation. For example, "MD2" is
459 # generally no longer considered to be a secure hash algorithm. This section
460 # describes the mechanism for disabling algorithms based on algorithm name
461 # and/or key length. This includes algorithms used in certificates, as well
462 # as revocation information such as CRLs and signed OCSP Responses.
463 # The syntax of the disabled algorithm string is described as follows:
464 # DisabledAlgorithms:
465 # " DisabledAlgorithm { , DisabledAlgorithm } "
468 # AlgorithmName [Constraint] { '&' Constraint }
474 # KeySizeConstraint | CAConstraint | DenyAfterConstraint |
478 # keySize Operator KeyLength
481 # <= | < | == | != | >= | >
484 # Integer value of the algorithm's key length in bits
489 # DenyAfterConstraint:
490 # denyAfter YYYY-MM-DD
493 # usage [TLSServer] [TLSClient] [SignedJAR]
495 # The "AlgorithmName" is the standard algorithm name of the disabled
496 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
497 # Documentation" for information about Standard Algorithm Names. Matching
498 # is performed using a case-insensitive sub-element matching rule. (For
499 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
500 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
501 # sub-element of the certificate algorithm name, the algorithm will be
502 # rejected during certification path building and validation. For example,
503 # the assertion algorithm name "DSA" will disable all certificate algorithms
504 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
505 # will not disable algorithms related to "ECDSA".
507 # A "Constraint" defines restrictions on the keys and/or certificates for
508 # a specified AlgorithmName:
511 # keySize Operator KeyLength
512 # The constraint requires a key of a valid size range if the
513 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
514 # the key size specified in number of bits. For example,
515 # "RSA keySize <= 1024" indicates that any RSA key with key size less
516 # than or equal to 1024 bits should be disabled, and
517 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
518 # with key size less than 1024 or greater than 2048 should be disabled.
519 # This constraint is only used on algorithms that have a key size.
523 # This constraint prohibits the specified algorithm only if the
524 # algorithm is used in a certificate chain that terminates at a marked
525 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
526 # constraint is not set, then all chains using the specified algorithm
527 # are restricted. jdkCA may only be used once in a DisabledAlgorithm
529 # Example: To apply this constraint to SHA-1 certificates, include
530 # the following: "SHA1 jdkCA"
532 # DenyAfterConstraint:
533 # denyAfter YYYY-MM-DD
534 # This constraint prohibits a certificate with the specified algorithm
535 # from being used after the date regardless of the certificate's
536 # validity. JAR files that are signed and timestamped before the
537 # constraint date with certificates containing the disabled algorithm
538 # will not be restricted. The date is processed in the UTC timezone.
539 # This constraint can only be used once in a DisabledAlgorithm
541 # Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020,
542 # use the following: "RSA keySize == 2048 & denyAfter 2020-02-03"
545 # usage [TLSServer] [TLSClient] [SignedJAR]
546 # This constraint prohibits the specified algorithm for
547 # a specified usage. This should be used when disabling an algorithm
548 # for all usages is not practical. 'TLSServer' restricts the algorithm
549 # in TLS server certificate chains when server authentication is
550 # performed. 'TLSClient' restricts the algorithm in TLS client
551 # certificate chains when client authentication is performed.
552 # 'SignedJAR' constrains use of certificates in signed jar files.
553 # The usage type follows the keyword and more than one usage type can
554 # be specified with a whitespace delimiter.
555 # Example: "SHA1 usage TLSServer TLSClient"
557 # When an algorithm must satisfy more than one constraint, it must be
558 # delimited by an ampersand '&'. For example, to restrict certificates in a
559 # chain that terminate at a distribution provided trust anchor and contain
560 # RSA keys that are less than or equal to 1024 bits, add the following
561 # constraint: "RSA keySize <= 1024 & jdkCA".
563 # All DisabledAlgorithms expressions are processed in the order defined in the
564 # property. This requires lower keysize constraints to be specified
565 # before larger keysize constraints of the same algorithm. For example:
566 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
568 # Note: The algorithm restrictions do not apply to trust anchors or
569 # self-signed certificates.
571 # Note: This property is currently used by Oracle's PKIX implementation. It
572 # is not guaranteed to be examined and used by other implementations.
575 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
578 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
579 RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
582 # Algorithm restrictions for signed JAR files
584 # In some environments, certain algorithms or key lengths may be undesirable
585 # for signed JAR validation. For example, "MD2" is generally no longer
586 # considered to be a secure hash algorithm. This section describes the
587 # mechanism for disabling algorithms based on algorithm name and/or key length.
588 # JARs signed with any of the disabled algorithms or key sizes will be treated
591 # The syntax of the disabled algorithm string is described as follows:
592 # DisabledAlgorithms:
593 # " DisabledAlgorithm { , DisabledAlgorithm } "
596 # AlgorithmName [Constraint] { '&' Constraint }
602 # KeySizeConstraint | DenyAfterConstraint
605 # keySize Operator KeyLength
607 # DenyAfterConstraint:
608 # denyAfter YYYY-MM-DD
611 # <= | < | == | != | >= | >
614 # Integer value of the algorithm's key length in bits
616 # Note: This property is currently used by the JDK Reference
617 # implementation. It is not guaranteed to be examined and used by other
620 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
622 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
626 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
627 # (SSL/TLS/DTLS) processing
629 # In some environments, certain algorithms or key lengths may be undesirable
630 # when using SSL/TLS/DTLS. This section describes the mechanism for disabling
631 # algorithms during SSL/TLS/DTLS security parameters negotiation, including
632 # protocol version negotiation, cipher suites selection, peer authentication
633 # and key exchange mechanisms.
635 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
636 # if they are enabled explicitly in an application.
638 # For PKI-based peer authentication and key exchange mechanisms, this list
639 # of disabled algorithms will also be checked during certification path
640 # building and validation, including algorithms used in certificates, as
641 # well as revocation information such as CRLs and signed OCSP Responses.
642 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
644 # See the specification of "jdk.certpath.disabledAlgorithms" for the
645 # syntax of the disabled algorithm string.
647 # Note: The algorithm restrictions do not apply to trust anchors or
648 # self-signed certificates.
650 # Note: This property is currently used by the JDK Reference implementation.
651 # It is not guaranteed to be examined and used by other implementations.
654 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
655 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
656 EC keySize < 224, 3DES_EDE_CBC
659 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
660 # processing in JSSE implementation.
662 # In some environments, a certain algorithm may be undesirable but it
663 # cannot be disabled because of its use in legacy applications. Legacy
664 # algorithms may still be supported, but applications should not use them
665 # as the security strength of legacy algorithms are usually not strong enough
668 # During SSL/TLS security parameters negotiation, legacy algorithms will
669 # not be negotiated unless there are no other candidates.
671 # The syntax of the legacy algorithms string is described as this Java
674 # " LegacyAlgorithm { , LegacyAlgorithm } "
677 # AlgorithmName (standard JSSE algorithm name)
679 # See the specification of security property "jdk.certpath.disabledAlgorithms"
680 # for the syntax and description of the "AlgorithmName" notation.
682 # Per SSL/TLS specifications, cipher suites have the form:
683 # SSL_KeyExchangeAlg_WITH_CipherAlg_MacAlg
685 # TLS_KeyExchangeAlg_WITH_CipherAlg_MacAlg
687 # For example, the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA uses RSA as the
688 # key exchange algorithm, AES_128_CBC (128 bits AES cipher algorithm in CBC
689 # mode) as the cipher (encryption) algorithm, and SHA-1 as the message digest
690 # algorithm for HMAC.
692 # The LegacyAlgorithm can be one of the following standard algorithm names:
693 # 1. JSSE cipher suite name, e.g., TLS_RSA_WITH_AES_128_CBC_SHA
694 # 2. JSSE key exchange algorithm name, e.g., RSA
695 # 3. JSSE cipher (encryption) algorithm name, e.g., AES_128_CBC
696 # 4. JSSE message digest algorithm name, e.g., SHA
698 # See SSL/TLS specifications and "Java Cryptography Architecture Standard
699 # Algorithm Name Documentation" for information about the algorithm names.
701 # Note: If a legacy algorithm is also restricted through the
702 # jdk.tls.disabledAlgorithms property or the
703 # java.security.AlgorithmConstraints API (See
704 # javax.net.ssl.SSLParameters.setAlgorithmConstraints()),
705 # then the algorithm is completely disabled and will not be negotiated.
707 # Note: This property is currently used by the JDK Reference implementation.
708 # It is not guaranteed to be examined and used by other implementations.
709 # There is no guarantee the property will continue to exist or be of the
710 # same syntax in future releases.
713 # jdk.tls.legacyAlgorithms=DH_anon, DES_CBC, SSL_RSA_WITH_RC4_128_MD5
715 jdk.tls.legacyAlgorithms= \
716 K_NULL, C_NULL, M_NULL, \
717 DH_anon, ECDH_anon, \
718 RC4_128, RC4_40, DES_CBC, DES40_CBC, \
722 # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
723 # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.
725 # In traditional SSL/TLS/DTLS connections where finite field DHE parameters
726 # negotiation mechanism is not used, the server offers the client group
727 # parameters, base generator g and prime modulus p, for DHE key exchange.
728 # It is recommended to use dynamic group parameters. This property defines
729 # a mechanism that allows you to specify custom group parameters.
731 # The syntax of this property string is described as this Java BNF-style:
732 # DefaultDHEParameters:
733 # DefinedDHEParameters { , DefinedDHEParameters }
735 # DefinedDHEParameters:
736 # "{" DHEPrimeModulus , DHEBaseGenerator "}"
745 # HexadecimalDigit { HexadecimalDigit }
747 # HexadecimalDigit: one of
748 # 0 1 2 3 4 5 6 7 8 9 A B C D E F a b c d e f
750 # Whitespace characters are ignored.
752 # The "DefinedDHEParameters" defines the custom group parameters, prime
753 # modulus p and base generator g, for a particular size of prime modulus p.
754 # The "DHEPrimeModulus" defines the hexadecimal prime modulus p, and the
755 # "DHEBaseGenerator" defines the hexadecimal base generator g of a group
756 # parameter. It is recommended to use safe primes for the custom group
759 # If this property is not defined or the value is empty, the underlying JSSE
760 # provider's default group parameter is used for each connection.
762 # If the property value does not follow the grammar, or a particular group
763 # parameter is not valid, the connection will fall back and use the
764 # underlying JSSE provider's default group parameter.
766 # Note: This property is currently used by OpenJDK's JSSE implementation. It
767 # is not guaranteed to be examined and used by other implementations.
770 # jdk.tls.server.defaultDHEParameters=
772 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
773 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
774 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
775 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
776 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
777 # FFFFFFFF FFFFFFFF, 2}
780 # TLS key limits on symmetric cryptographic algorithms
782 # This security property sets limits on algorithms key usage in TLS 1.3.
783 # When the amount of data encrypted exceeds the algorithm value listed below,
784 # a KeyUpdate message will trigger a key change. This is for symmetric ciphers
787 # The syntax for the property is described below:
789 # " KeyLimit { , KeyLimit } "
792 # AlgorithmName Action Length
795 # A full algorithm transformation.
801 # The amount of encrypted data in a session before the Action occurs
802 # This value may be an integer value in bytes, or as a power of two, 2^29.
805 # The TLS 1.3 KeyUpdate handshake process begins when the Length amount
808 # Note: This property is currently used by OpenJDK's JSSE implementation. It
809 # is not guaranteed to be examined and used by other implementations.
811 jdk.tls.keyLimits=AES/GCM/NoPadding KeyUpdate 2^37
814 # Cryptographic Jurisdiction Policy defaults
816 # Import and export control rules on cryptographic software vary from
817 # country to country. By default, Java provides two different sets of
818 # cryptographic policy files[1]:
820 # unlimited: These policy files contain no restrictions on cryptographic
821 # strengths or algorithms
823 # limited: These policy files contain more restricted cryptographic
826 # The default setting is determined by the value of the "crypto.policy"
827 # Security property below. If your country or usage requires the
828 # traditional restrictive policy, the "limited" Java cryptographic
829 # policy is still available and may be appropriate for your environment.
831 # If you have restrictions that do not fit either use case mentioned
832 # above, Java provides the capability to customize these policy files.
833 # The "crypto.policy" security property points to a subdirectory
834 # within <java-home>/conf/security/policy/ which can be customized.
835 # Please see the <java-home>/conf/security/policy/README.txt file or consult
836 # the Java Security Guide/JCA documentation for more information.
838 # YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
839 # TO DETERMINE THE EXACT REQUIREMENTS.
841 # [1] Please note that the JCE for Java SE, including the JCE framework,
842 # cryptographic policy files, and standard JCE providers provided with
843 # the Java SE, have been reviewed and approved for export as mass market
844 # encryption item by the US Bureau of Industry and Security.
846 # Note: This property is currently used by the JDK Reference implementation.
847 # It is not guaranteed to be examined and used by other implementations.
849 crypto.policy=unlimited
852 # The policy for the XML Signature secure validation mode. The mode is
853 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
854 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
855 # or by running the code with a SecurityManager.
858 # Constraint {"," Constraint }
860 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint |
861 # ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint
864 # MaxTransformsConstraint:
865 # "maxTransforms" Integer
866 # MaxReferencesConstraint:
867 # "maxReferences" Integer
868 # ReferenceUriSchemeConstraint:
869 # "disallowReferenceUriSchemes" String { String }
871 # "minKeySize" KeyAlg Integer
873 # "noDuplicateIds" | "noRetrievalMethodLoops"
875 # For AlgConstraint, Uri is the algorithm URI String that is not allowed.
876 # See the XML Signature Recommendation for more information on algorithm
877 # URI Identifiers. For KeySizeConstraint, KeyAlg is the standard algorithm
878 # name of the key type (ex: "RSA"). If the MaxTransformsConstraint,
879 # MaxReferencesConstraint or KeySizeConstraint (for the same key type) is
880 # specified more than once, only the last entry is enforced.
882 # Note: This property is currently used by the JDK Reference implementation. It
883 # is not guaranteed to be examined and used by other implementations.
885 jdk.xml.dsig.secureValidationPolicy=\
886 disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\
887 disallowAlg http://www.w3.org/2001/04/xmldsig-more#rsa-md5,\
888 disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\
889 disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\
892 disallowReferenceUriSchemes file http https,\
893 minKeySize RSA 1024,\
894 minKeySize DSA 1024,\
897 noRetrievalMethodLoops
900 # Serialization process-wide filter
902 # A filter, if configured, is used by java.io.ObjectInputStream during
903 # deserialization to check the contents of the stream.
904 # A filter is configured as a sequence of patterns, each pattern is either
905 # matched against the name of a class in the stream or defines a limit.
906 # Patterns are separated by ";" (semicolon).
907 # Whitespace is significant and is considered part of the pattern.
909 # If the system property jdk.serialFilter is also specified, it supersedes
910 # the security property value defined here.
912 # If a pattern includes a "=", it sets a limit.
913 # If a limit appears more than once the last value is used.
914 # Limits are checked before classes regardless of the order in the
915 # sequence of patterns.
916 # If any of the limits are exceeded, the filter status is REJECTED.
918 # maxdepth=value - the maximum depth of a graph
919 # maxrefs=value - the maximum number of internal references
920 # maxbytes=value - the maximum number of bytes in the input stream
921 # maxarray=value - the maximum array length allowed
923 # Other patterns, from left to right, match the class or package name as
924 # returned from Class.getName.
925 # If the class is an array type, the class or package to be matched is the
927 # Arrays of any number of dimensions are treated the same as the element type.
928 # For example, a pattern of "!example.Foo", rejects creation of any instance or
929 # array of example.Foo.
931 # If the pattern starts with "!", the status is REJECTED if the remaining
932 # pattern is matched; otherwise the status is ALLOWED if the pattern matches.
933 # If the pattern contains "/", the non-empty prefix up to the "/" is the
935 # if the module name matches the module name of the class then
936 # the remaining pattern is matched with the class name.
937 # If there is no "/", the module name is not compared.
938 # If the pattern ends with ".**" it matches any class in the package and all
940 # If the pattern ends with ".*" it matches any class in the package.
941 # If the pattern ends with "*", it matches any class with the pattern as a
943 # If the pattern is equal to the class name, it matches.
944 # Otherwise, the status is UNDECIDED.
946 #jdk.serialFilter=pattern;pattern
949 # RMI Registry Serial Filter
951 # The filter pattern uses the same format as jdk.serialFilter.
952 # This filter can override the builtin filter if additional types need to be
953 # allowed or rejected from the RMI Registry or to decrease limits but not
954 # to increase limits.
955 # If the limits (maxdepth, maxrefs, or maxbytes) are exceeded, the object is rejected.
957 # Each non-array type is allowed or rejected if it matches one of the patterns,
958 # evaluated from left to right, and is otherwise allowed. Arrays of any
959 # component type, including subarrays and arrays of primitives, are allowed.
961 # Array construction of any component type, including subarrays and arrays of
962 # primitives, are allowed unless the length is greater than the maxarray limit.
963 # The filter is applied to each array element.
965 # Note: This property is currently used by the JDK Reference implementation.
966 # It is not guaranteed to be examined and used by other implementations.
968 # The built-in filter allows subclasses of allowed classes and
969 # can approximately be represented as the pattern:
971 #sun.rmi.registry.registryFilter=\
976 # java.lang.reflect.Proxy;\
978 # sun.rmi.server.UnicastRef;\
979 # sun.rmi.server.RMIClientSocketFactory;\
980 # sun.rmi.server.RMIServerSocketFactory;\
981 # java.rmi.activation.ActivationID;\
982 # java.rmi.server.UID
984 # RMI Distributed Garbage Collector (DGC) Serial Filter
986 # The filter pattern uses the same format as jdk.serialFilter.
987 # This filter can override the builtin filter if additional types need to be
988 # allowed or rejected from the RMI DGC.
990 # Note: This property is currently used by the JDK Reference implementation.
991 # It is not guaranteed to be examined and used by other implementations.
993 # The builtin DGC filter can approximately be represented as the filter pattern:
995 #sun.rmi.transport.dgcFilter=\
996 # java.rmi.server.ObjID;\
997 # java.rmi.server.UID;\
998 # java.rmi.dgc.VMID;\
999 # java.rmi.dgc.Lease;\
1000 # maxdepth=5;maxarray=10000
1002 # CORBA ORBIorTypeCheckRegistryFilter
1003 # Type check enhancement for ORB::string_to_object processing
1005 # An IOR type check filter, if configured, is used by an ORB during
1006 # an ORB::string_to_object invocation to check the veracity of the type encoded
1007 # in the ior string.
1009 # The filter pattern consists of a semi-colon separated list of class names.
1010 # The configured list contains the binary class names of the IDL interface types
1011 # corresponding to the IDL stub class to be instantiated.
1012 # As such, a filter specifies a list of IDL stub classes that will be
1013 # allowed by an ORB when an ORB::string_to_object is invoked.
1014 # It is used to specify a white list configuration of acceptable
1015 # IDL stub types which may be contained in a stringified IOR
1016 # parameter passed as input to an ORB::string_to_object method.
1018 # Note: This property is currently used by the JDK Reference implementation.
1019 # It is not guaranteed to be examined and used by other implementations.
1021 #com.sun.CORBA.ORBIorTypeCheckRegistryFilter=binary_class_name;binary_class_name
1024 # JCEKS Encrypted Key Serial Filter
1026 # This filter, if configured, is used by the JCEKS KeyStore during the
1027 # deserialization of the encrypted Key object stored inside a key entry.
1028 # If not configured or the filter result is UNDECIDED (i.e. none of the patterns
1029 # matches), the filter configured by jdk.serialFilter will be consulted.
1031 # If the system property jceks.key.serialFilter is also specified, it supersedes
1032 # the security property value defined here.
1034 # The filter pattern uses the same format as jdk.serialFilter. The default
1035 # pattern allows java.lang.Enum, java.security.KeyRep, java.security.KeyRep$Type,
1036 # and javax.crypto.spec.SecretKeySpec and rejects all the others.
1037 jceks.key.serialFilter = java.base/java.lang.Enum;java.base/java.security.KeyRep;\
1038 java.base/java.security.KeyRep$Type;java.base/javax.crypto.spec.SecretKeySpec;!*
1041 # Enhanced exception message information
1043 # By default, exception messages should not include potentially sensitive
1044 # information such as file names, host names, or port numbers. This property
1045 # accepts one or more comma separated values, each of which represents a
1046 # category of enhanced exception message information to enable. Values are
1047 # case-insensitive. Leading and trailing whitespaces, surrounding each value,
1048 # are ignored. Unknown values are ignored.
1050 # NOTE: Use caution before setting this property. Setting this property
1051 # exposes sensitive information in Exceptions, which could, for example,
1052 # propagate to untrusted code or be emitted in stack traces that are
1053 # inadvertently disclosed and made accessible over a public network.
1055 # The categories are:
1057 # hostInfo - IOExceptions thrown by java.net.Socket and the socket types in the
1058 # java.nio.channels package will contain enhanced exception
1059 # message information
1061 # The property setting in this file can be overridden by a system property of
1062 # the same name, with the same syntax and possible values.
1064 #jdk.includeInExceptions=hostInfo