JDK-8170131 : Certificates not being blocked by jdk.tls.disabledAlgorithms property
- Type: Bug
- Component: security-libs
- Sub-Component: javax.net.ssl
- Affected Version: 6,9
- Priority: P3
- Status: Closed
- Resolution: Fixed
- Submitted: 2016-11-21
- Updated: 2018-02-08
- Resolved: 2016-12-02
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | JDK 8 | JDK 9 | Other |
|---|---|---|---|---|
| 6u141Fixed | 7u131Fixed | 8u121Fixed  |
9 b148Fixed |
openjdk7uFixed |
Related Reports
|
Relates :
|
|
|
Relates :
|
Description
The jdk.tls.disabledAlgorithms property also applies to certificates, as the definition states in the java.security file: # For PKI-based peer authentication and key exchange mechanisms, this list # of disabled algorithms will also be checked during certification path # building and validation, including algorithms used in certificates, as # well as revocation information such as CRLs and signed OCSP Responses. # This is in addition to the jdk.certpath.disabledAlgorithms property above. This functionality is not currently working properly.
Comments
|