BUG-3553 Introduce custom java.security config file

[controller.git] / karaf / opendaylight-karaf-resources / src / main / resources / etc / odl.java.security

# Custom java.security config file for odl. This file augmnets the defult java.security config file provided by the JRE itself
# Documentation: https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#DisabledAlgorithms
# Additional information can also be found in the default java.security file: JAVA_HOME/jre/lib/security/java.security

# Disable weak ciphers and ciphers vulnerable to the Logjam exploit, more information can be found here https://bugs.opendaylight.org/show_bug.cgi?id=3552
jdk.tls.disabledAlgorithms=EXPORT, RC4, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, anon