8267100: [BACKOUT] JDK-8196415 Disable SHA-1 Signed JARs

Reviewed-by: mullan
2025-12-11 01:29:38 -06:00 · 2021-05-17 15:34:14 +00:00 · 2021-05-17 15:34:14 +00:00 · e84e18580d
commit e84e18580d
parent 860ca3fd75
1 changed files with 2 additions and 3 deletions
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@ -633,8 +633,7 @@ sun.security.krb5.maxReferrals=5
 #
 #
 jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
-    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
-    SHA1 jdkCA & usage SignedJAR & denyAfter 2019-01-01
+    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224

 #
 # Legacy algorithms for certification path (CertPath) processing and
@ -698,7 +697,7 @@ jdk.security.legacyAlgorithms=SHA1, \
 # See "jdk.certpath.disabledAlgorithms" for syntax descriptions.
 #
 jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
-      DSA keySize < 1024, SHA1 jdkCA & denyAfter 2019-01-01
+      DSA keySize < 1024

 #
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security