|
|
Ben Caradoc-Davies created an issue |
|
Document new mechanism to enable unlimited strength cryptography in Oracle JDK 8u151 or later |
|
Issue Type: |
|
|---|---|
|
Assignee: |
Unassigned |
|
Components: |
Documentation |
|
Created: |
05/Dec/17 10:21 PM |
|
Priority: |
|
|
Reporter: |
|
Oracle JDK 8u151 introduces a new mechanism to enable unlimited strength cryptography. For each new JDK installation, in jre/lib/security/java.security uncomment the line: to read: The old mechanism (installing policy jars) should still work: OpenJDK has unlimited strength cryptography by default and is not affected by this change. See: "New Features security-libs/javax.crypto This release introduces a new feature whereby the JCE jurisdiction policy files used by the JDK can be controlled via a new Security property. In older releases, JCE jurisdiction files had to be downloaded and installed separately to allow unlimited cryptography to be used by the JDK. The download and install steps are no longer necessary. To enable unlimited cryptography, one can use the new crypto.policy Security property. If the new Security property (crypto.policy) is set in the java.security file, or has been set dynamically by using the Security.setProperty() call before the JCE framework has been initialized, that setting will be honored. By default, the property will be undefined. If the property is undefined and the legacy JCE jurisdiction files don’t exist in the legacy lib/security directory, then the default cryptographic level will remain at ‘limited’. To configure the JDK to use unlimited cryptography, set the crypto.policy to a value of ‘unlimited’. See the notes in the java.security file shipping with this release for more information." |
|
|
|
Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS |
|
|
This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100074-sha1:43f7724) |
|
|
|