We are using java_overwrites.yaml to list some of the disabled algorithms as
“jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, include jdk.disabled.namedCurves”. We need to add SHA 1 in this list to make sure the VAs don’t use the algorithm for hashing. What is the exact value for jdk.jar.disabledAlgorithms we need to use to exclude SHA1 along with the algorithms listed in the string before? I see SHA1 , SHA-1 being used alternatingly. So, trying to confirm what needs to be used. Also, saw somewhere " SHA1 jdkCA & usage TLSServer" being mentioned in one of these discussions.
Any help would be highly appreciated.
Can you add “SHA1” to the jdk.jar.disabledAlgorithms property in your java_overwrites.yaml file? The exact value you may want to use is “SHA1”, not “SHA-1”.
This will ensure that the Virtual Appliances (VAs) don’t use SHA-1 for hashing.
Please remember to backup your original java_overwrites.yaml file before making any changes. If you encounter any issues, you can revert to the original file.
Thank you for your response. I tried that and I started getting “NoSuchAlgorithmException” and connection started failing. Here is the exception message:
PDContext creation failed with error: java.security.NoSuchAlgorithmException: No such algorithm. I have case open with Customer Service and in process of involving ES for this.