disabledAlgorithms "DHE keySize < 1024" support?

Bernd Eckenfels ecki at zusammenkunft.net
Fri May 22 21:34:35 UTC 2015


does jdk.tls.disabledAlgorithms support to disable DHE based on the
prime size (similiar to RSA keySize)? I have tried it, but I can only
disable DHE completely, but I cannot get a Java TLS client to enforce
higher standards (i.e. at least 768, better 1024) bit. I tried
Oracle 8u40. Is there another way to do that?


More information about the security-dev mailing list