JDK-8208350 : Disable all DES cipher suites
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-07-26
  • Updated: 2019-02-06
  • Resolved: 2018-08-20
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 12 JDK 6 JDK 7 JDK 8 Other
11.0.1Fixed 12 b08Fixed 6u211Fixed 7u201Fixed 8u192Fixed openjdk7uFixed
Related Reports
CSR :  
Sub Tasks
JDK-8209658 :  
DES-based TLS cipher suites should be disabled. They are currently available but not enabled by default. To use them they must be explicitly enabled by an application, for example, by calling `SSLSocket.setEnabledCipherSuites`. Due to the age and insecurity of 56-bit DES, these cipher suites should no longer be available without additional intervention by the user or administrator through the `jdk.tls.disabledAlgorithms` Security property.
This is mainly a change to the jdk.tls.disabledAlgorithms Security property.