From: | Mark Rotteveel <mark(at)lawinegevaar(dot)nl> |
---|---|
To: | pgsql-jdbc(at)lists(dot)postgresql(dot)org |
Subject: | Re: ssl connection issues |
Date: | 2018-09-17 09:56:03 |
Message-ID: | b37561e7ae8a4b2a9798b495dd36caa9@lawinegevaar.nl |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-jdbc |
On 2018-09-17 11:23, Gabriele Bulfon wrote:
> That may be a possibility, but given that I cannot upgrade at the
> moment, how can I check this and maybe change the required cipher to
> match?
Debugging SSL problems is not really something I do regularly, but you
may want to see if changing the settings in the java.security policy
helps. Settings to try are:
jdk.tls.disabledAlgorithms
jdk.certpath.disabledAlgorithms
For reference:
Java 8 Update 31, disabled SSLv3:
http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html,
Java 8 Update 51, disabled some cipher suites, and limitations for DH
keys where added:
http://www.oracle.com/technetwork/java/javase/8u51-relnotes-2587590.html,
similar for Java 8 Update 60:
http://www.oracle.com/technetwork/java/javase/8u60-relnotes-2620227.html
Java 8 update 71 disabled MD5 hash validation of certificates
Java 8 update 121 added restrictions on DSA keysize:
http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html
Java 8 Update 141 disabled SHA-1 hashes for the certificate chain:
http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html
Java 8 update 161 added limitations for DH keys, made some changes to
certificate validation and disabled a number of cipher suites:
http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html
Java 8 update 171 disabled some ciphersuites:
http://www.oracle.com/technetwork/java/javase/8u171-relnotes-4308888.html
Mark
From | Date | Subject | |
---|---|---|---|
Next Message | Alexander Kjäll | 2018-09-17 10:10:07 | Re: ssl connection issues |
Previous Message | Gabriele Bulfon | 2018-09-17 09:23:24 | Re: ssl connection issues |