github.com/apache/beam/sdks/v2@v2.48.2/java/container/java11/java11-security.properties

github.com/apache/beam/sdks/v2@v2.48.2/java/container/java11/java11-security.properties (about)

     1  # Licensed to the Apache Software Foundation (ASF) under one or more
     2  # contributor license agreements.  See the NOTICE file distributed with
     3  # this work for additional information regarding copyright ownership.
     4  # The ASF licenses this file to You under the Apache License, Version 2.0
     5  # (the "License"); you may not use this file except in compliance with
     6  # the License.  You may obtain a copy of the License at
     7  #
     8  #    http://www.apache.org/licenses/LICENSE-2.0
     9  #
    10  # Unless required by applicable law or agreed to in writing, software
    11  # distributed under the License is distributed on an "AS IS" BASIS,
    12  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  # See the License for the specific language governing permissions and
    14  # limitations under the License.
    15  
    16  # Java 11 java.security properties file override for JVM
    17  # base properties derived from:
    18  # openjdk version "11.0.16" 2022-07-19
    19  # OpenJDK Runtime Environment 18.9 (build 11.0.16+8)
    20  # OpenJDK 64-Bit Server VM 18.9 (build 11.0.16+8, mixed mode, sharing)
    21  
    22  # Java has now disabled TLSv1 and TLSv1.1. We specifically put it in the
    23  # legacy algorithms list to allow it to be used if something better is not
    24  # available (e.g. TLSv1.2). This will prevent breakages for existing users
    25  # (for example JDBC with MySQL). See
    26  # https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8202343
    27  # for additional details.
    28  jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, \
    29      DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
    30      include jdk.disabled.namedCurves
    31  
    32  jdk.tls.legacyAlgorithms= \
    33      K_NULL, C_NULL, M_NULL, \
    34      DH_anon, ECDH_anon, \
    35      RC4_128, RC4_40, DES_CBC, DES40_CBC, \
    36      3DES_EDE_CBC, TLSv1, TLSv1.1
    37  
    38  # /dev/random blocks in virtualized environments due to lack of
    39  # good entropy sources, which makes SecureRandom use impractical.
    40  # In particular, that affects the performance of HTTPS that relies
    41  # on SecureRandom.
    42  #
    43  # Due to that, /dev/urandom is used as the default.
    44  #
    45  # See http://www.2uo.de/myths-about-urandom/ for some background
    46  # on security of /dev/urandom on Linux.
    47  securerandom.source=file:/dev/./urandom