Monday, 3 July 2017

Disable TLSv1 in java

Check which Java is currently running

[root@test ~]# java -version
java version "1.7.0_141"
OpenJDK Runtime Environment (rhel-2.6.10.1.el7_3-x86_64 u141-b02)
OpenJDK 64-Bit Server VM (build 24.141-b02, mixed mode)


Make changes in respective java.security file

Look for jdk.tls.disabledAlgorithms

[root@test ~]# grep TLSv1 /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64/jre/lib/security/java.security
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224

Update like below

[root@test ~]# grep TLSv1 /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64/jre/lib/security/java.security
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224, TLSv1

Restart respective java service to take effect.


No comments:

Post a Comment