Uploaded image for project: 'DC/OS'
  1. DC/OS
  2. DCOS_OSS-2071

java: Add option to install DC/OS with java supporting AES256 cipher

    Details

      Description

      Java version 1.8.151 is now shipped with JCE files that are necessary to support AES256 cipher.

      security-libs/javax.crypto
       New Security property to control crypto policy
      This release introduces a new feature whereby the JCE jurisdiction policy files used by the JDK can be controlled via a new Security property. In older releases, JCE jurisdiction files had to be downloaded and installed separately to allow unlimited cryptography to be used by the JDK. The download and install steps are no longer necessary. To enable unlimited cryptography, one can use the new crypto.policy Security property. If the new Security property (crypto.policy) is set in the java.security file, or has been set dynamically by using the Security.setProperty() call before the JCE framework has been initialized, that setting will be honored. By default, the property will be undefined. If the property is undefined and the legacy JCE jurisdiction files don't exist in the legacy lib/security directory, then the default cryptographic level will remain at 'limited'. To configure the JDK to use unlimited cryptography, set the crypto.policy to a value of 'unlimited'. See the notes in the java.security file shipping with this release for more information.
      

      http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html

      We should add install option for DC/OS to enable unlimited cryptography support in Java.

      CC Jan-Philip Gehrcke

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mhrabovcin.c Martin Hrabovcin
                Reporter:
                mhrabovcin.c Martin Hrabovcin
                Team:
                DELETE Security Team
                Watchers:
                Jan-Philip Gehrcke (Inactive), Martin Hrabovcin
              • Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support

                    NextupJiraPlusStatus

                    Error rendering 'slack.nextup.jira:nextup-jira-plus-status'. Please contact your JIRA administrators.