enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)

Su, Scott Di

Dear security dev,

 

We are upgrading our app to run it from JDK 5 to JDK 8, and encounter TLS_RSA_WITH_AES_256_CBC_SHA256 not supported error, I have copy JCE download from Oracle website, any change needed to enable it, thanks in advance!

 

Thanks & Regards,

Scott

 


This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may wish to refer to the incorporation details of Standard Chartered PLC, Standard Chartered Bank and their subsidiaries at https://www.sc.com/en/incorporation-details.html
Reply | Threaded
Open this post in threaded view
|

Re: enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)

Bernd Eckenfels-4
You need to install the unrestricted Cryptography policy files for JCE to enable AES255


From: security-dev <[hidden email]> on behalf of Su, Scott Di <[hidden email]>
Sent: Tuesday, September 26, 2017 7:41:02 AM
To: [hidden email]
Subject: enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)
 

Dear security dev,

 

We are upgrading our app to run it from JDK 5 to JDK 8, and encounter TLS_RSA_WITH_AES_256_CBC_SHA256 not supported error, I have copy JCE download from Oracle website, any change needed to enable it, thanks in advance!

 

Thanks & Regards,

Scott

 


This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may wish to refer to the incorporation details of Standard Chartered PLC, Standard Chartered Bank and their subsidiaries at https://www.sc.com/en/incorporation-details.html
Reply | Threaded
Open this post in threaded view
|

Re: enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)

Seán Coffey

Check out the Oracle 8u152 early access binaries[1] also. There's a new security property to enable unlimited crypto. No more policy file downloads required! You can simply edit the jre/lib/java.security file to set "crypto.policy" to "unlimited" [2]

8u152 GA had a tentative release date for late October 2017.

[1] http://jdk.java.net/8/
[2] https://bugs.openjdk.java.net/browse/JDK-8157561

regards,
Sean.

On 27/09/2017 22:34, Bernd Eckenfels wrote:
You need to install the unrestricted Cryptography policy files for JCE to enable AES255


From: security-dev [hidden email] on behalf of Su, Scott Di [hidden email]
Sent: Tuesday, September 26, 2017 7:41:02 AM
To: [hidden email]
Subject: enable TLS_RSA_WITH_AES_256_CBC_SHA256 in openJDK(build 1.8.0_121-b13)
 

Dear security dev,

 

We are upgrading our app to run it from JDK 5 to JDK 8, and encounter TLS_RSA_WITH_AES_256_CBC_SHA256 not supported error, I have copy JCE download from Oracle website, any change needed to enable it, thanks in advance!

 

Thanks & Regards,

Scott

 


This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may wish to refer to the incorporation details of Standard Chartered PLC, Standard Chartered Bank and their subsidiaries at https://www.sc.com/en/incorporation-details.html