JDK-8141050 : System property to enable RC4 based ciphersuites
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 6u111
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2015-10-30
  • Updated: 2018-10-08
  • Resolved: 2015-11-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
6u115Fixed 7u101 b01Fixed
Related Reports
Relates :  
Relates :  
Sub Tasks
JDK-8153020 :  
The JDK-8043202 fix in CPU 15_03 disabled RC4 based ciphersuites by default. It's a good step but it's causing issue for legacy applications.

We need to introduce a JDK implementation specific system property to allow RC4 suites. I suggest that we limit this property to JDK 6u and 7u releases
We need a Release Notes subtask containing the title and description from the comment.

release-note text proposal : ==== A new system property to control re-enabling of RC4-based ciphersuites is available with <this release>. Setting : -Djdk.tls.enableRC4CipherSuites=true will mean the following TLS/SSL ciphersuites are added to the default enabled JSSE ciphersuite list. * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA * TLS_ECDHE_RSA_WITH_RC4_128_SHA * TLS_ECDH_ECDSA_WITH_RC4_128_SHA * TLS_ECDH_RSA_WITH_RC4_128_SHA * SSL_RSA_WITH_RC4_128_SHA * SSL_RSA_WITH_RC4_128_MD5 This system property will only have impact on JDK 6u and JDK 7u families. By default, RC4-based ciphersuites are not in the default enabled list. They were removed in the 6u101 and 7u85 releases. ====

one proposed name for new system property is jdk.tls.enableRC4CipherSuites