The jdk.tls.disabledAlgorithms Java Security Property accepts an integer value corresponding to the number of seconds to cache
The default value of jdk.tls.disabledAlgorithms depends on the version of Java. For example, versions of Java shipped after April 2021 disabled TLSv1 and TLSv1.1 by default using this security property.
jdk.tls.disabledAlgorithms Explained
If an algorithm is listed in this property, it cannot be used for a TLS connection.
WARNING: Be careful when changing this value; you don't want to accidentally enable a weak algorithm. Doing so may significantly decrease the security of your Java application.
You might see an exception like the following when you try to use one of the protocols listed in the jdk.tls.disabledAlgorithms security property:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
Here are some other Java properties related to networking:
http.agent
http.keepAlive
http.maxConnections
https.protocols
java.net.preferIPv4Stack
java.net.preferIPv6Addresses
java.net.useSystemProxies
javax.net.debug
javax.net.ssl.trustStore
jdk.net.hosts.file
jdk.tls.client.protocols
networkaddress.cache.negative.ttl
networkaddress.cache.ttl
sun.net.client.defaultConnectTimeout
sun.net.client.defaultReadTimeout
sun.net.inetaddr.ttl
Java has supported the jdk.tls.disabledAlgorithms security property since at least version 8; support may go back to even older versions of Java.
jdk.tls.disabledAlgorithms at Runtime
You can set jdk.tls.disabledAlgorithms at runtime with the following Java code:
java.security.Security.setProperty("jdk.tls.disabledAlgorithms", "value");
Please note that the jdk.tls.disabledAlgorithms value needs to be set early, before the internal Java classes that might use it are loaded; otherwise it will be ignored.
To read the value of jdk.tls.disabledAlgorithms at runtime, you can use this Java code:
String propertyValue = java.security.Security.getProperty("jdk.tls.disabledAlgorithms");
if (propertyValue != null) {
    System.out.println("jdk.tls.disabledAlgorithms = " + propertyValue);
} else {
    System.out.println("jdk.tls.disabledAlgorithms was null");
}
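The following is an added example, not code from the original page: a small audit that reads jdk.tls.disabledAlgorithms, checks that TLSv1 and TLSv1.1 are still listed after a change, and cross-checks the protocols the default SSLContext enables. The class name and the MUST_STAY_DISABLED baseline are assumptions of this example; extend the baseline to match your own policy.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.net.ssl.SSLContext;

public class DisabledAlgorithmsAudit {
    static final String PROP = "jdk.tls.disabledAlgorithms";
    // Assumed baseline: the two protocols the page says are disabled by default.
    static final List<String> MUST_STAY_DISABLED = Arrays.asList("TLSv1", "TLSv1.1");

    // Split the comma-separated property value into trimmed, non-empty entries.
    static Set<String> parse(String value) {
        if (value == null) return Collections.emptySet();
        return Arrays.stream(value.split(","))
                .map(String::trim)
                .filter(s -> !s.isEmpty())
                .collect(Collectors.toCollection(LinkedHashSet::new));
    }

    // Baseline entries that are absent from the property (compared ignoring case).
    static List<String> missing(Set<String> disabled) {
        return MUST_STAY_DISABLED.stream()
                .filter(p -> disabled.stream().noneMatch(p::equalsIgnoreCase))
                .collect(Collectors.toList());
    }

    public static void main(String[] args) throws Exception {
        // Read the security property first, before any TLS class is used.
        Set<String> disabled = parse(Security.getProperty(PROP));
        System.out.println(PROP + " entries: " + disabled);

        List<String> gaps = missing(disabled);
        // Cross-check against what the default SSLContext will actually offer.
        List<String> enabled = Arrays.asList(
                SSLContext.getDefault().getDefaultSSLParameters().getProtocols());
        System.out.println("Protocols enabled by default: " + enabled);

        for (String p : gaps) {
            System.out.println("WARNING: " + p + " is not listed in " + PROP
                    + (enabled.contains(p) ? " and is enabled" : " (not enabled by default)"));
        }
        if (!gaps.isEmpty()) System.exit(1); // non-zero exit so a CI step can fail
    }
}
```

Run it with the same JVM and java.security file as the application being checked, since the default value differs between Java versions.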
jdk.tls.disabledAlgorithms on Startup
Be aware that jdk.tls.disabledAlgorithms is not a Java System Property; it is a Java Security Property. Therefore you cannot set it from the command line using -Djdk.tls.disabledAlgorithms. You have to set jdk.tls.disabledAlgorithms in the java.security properties file.