Pete Freitag

TLSv1 and TLSv1.1 Disabled by Default in Java after April 2021

Updated: April 15, 2021

The OpenJDK Crypto Roadmap states that TLSv1 and TLSv1.1 will be disabled in OpenJDK releases by default after April 20, 2021. I assume this change also applies to Oracle, and all the JVMs that are derived from OpenJDK.

How are they disabling it? Or how can I re-enable it if I need to?

One nice feature you may not realize exists is the java.security file. In Java 11 and up it is located in the folder conf/security/ under your JAVA_HOME (on Java 8 it lives in jre/lib/security/). This file has a property called jdk.tls.disabledAlgorithms, which right now looks like this:

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL

You can see that this setting is already used to disable SSLv3, a handful of weak ciphers (RC4, DES, 3DES) and undersized key parameters (DH below 1024 bits, EC below 224 bits).

After April 20, 2021 my guess is that they are going to add TLSv1 and TLSv1.1 to this list.

This is good to know, because you can make the change ahead of the update and see whether your application is impacted: add TLSv1 and TLSv1.1 to jdk.tls.disabledAlgorithms, restart the JVM (the property is read once, when the TLS classes initialize), and exercise every outbound https connection your application makes.

If it turns out that you still need to connect to https servers over these weaker protocols, you could potentially move them out of jdk.tls.disabledAlgorithms and into the setting jdk.tls.legacyAlgorithms. Keep in mind that java.security is JVM-wide: anything you re-enable there is re-enabled for every TLS connection that process makes, not just the one legacy server.

According to the docs:

In some environments, a certain algorithm may be undesirable but it cannot be disabled because of its use in legacy applications. Legacy algorithms may still be supported, but applications should not use them as the security strength of legacy algorithms are usually not strong enough in practice.
During SSL/TLS security parameters negotiation, legacy algorithms will not be negotiated unless there are no other candidates.

This should only be done, however, if you are unable to upgrade the legacy servers to TLSv1.2 or TLSv1.3, for example because you don't operate them.
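The following program is an added example, not code from the original post. It rehearses both of the steps above in-process: it reports which protocol versions the JVM's default SSLContext will offer, and can either append TLSv1 and TLSv1.1 to jdk.tls.disabledAlgorithms (to simulate the post-April-2021 default before you upgrade) or remove them (what editing the list back out restores). The class name TlsProtocolCheck and the --disable / --reenable flags are my own; nothing else is assumed beyond the standard java.security and javax.net.ssl APIs.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;

/**
 * Reports the TLS protocol versions this JVM offers as a client, and lets you
 * rehearse (or undo) the April 2021 change in-process instead of editing
 * JAVA_HOME/conf/security/java.security.
 *
 * Usage:  java TlsProtocolCheck              current state of this JDK
 *         java TlsProtocolCheck --disable    simulate TLSv1/TLSv1.1 being disabled
 *         java TlsProtocolCheck --reenable   simulate removing them from the list
 */
public class TlsProtocolCheck {

    static final String PROP = "jdk.tls.disabledAlgorithms";
    static final String[] OLD_PROTOCOLS = {"TLSv1", "TLSv1.1"};

    /** Splits the comma-separated property value into trimmed entries. */
    static List<String> parse(String value) {
        List<String> entries = new ArrayList<>();
        if (value == null) {
            return entries;
        }
        for (String e : value.split(",")) {
            String t = e.trim();
            if (!t.isEmpty()) {
                entries.add(t);
            }
        }
        return entries;
    }

    /**
     * Returns the value with the given names appended. Entries are compared
     * whole, so adding "TLSv1" does not clash with "TLSv1.1" or "TLSv1.2".
     */
    static String withDisabled(String value, String... names) {
        List<String> entries = parse(value);
        for (String n : names) {
            if (!entries.contains(n)) {
                entries.add(n);
            }
        }
        return String.join(", ", entries);
    }

    /** Returns the value with the given names removed (whole-entry match). */
    static String withoutDisabled(String value, String... names) {
        List<String> entries = parse(value);
        entries.removeAll(Arrays.asList(names));
        return String.join(", ", entries);
    }

    /**
     * Builds a fresh SSLContext and returns the protocol versions it offers by
     * default. Versions listed in jdk.tls.disabledAlgorithms are left out here,
     * even though getSupportedSSLParameters() would still list them.
     */
    static List<String> defaultClientProtocols() throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, null, null);
        return Arrays.asList(ctx.getDefaultSSLParameters().getProtocols());
    }

    public static void main(String[] args) throws Exception {
        // Security.setProperty only has an effect if it runs before the JSSE
        // classes parse the property, i.e. before the first SSLContext is
        // created, which is why it happens here and not after the check.
        String current = Security.getProperty(PROP);
        if (args.length > 0 && args[0].equals("--disable")) {
            Security.setProperty(PROP, withDisabled(current, OLD_PROTOCOLS));
        } else if (args.length > 0 && args[0].equals("--reenable")) {
            Security.setProperty(PROP, withoutDisabled(current, OLD_PROTOCOLS));
        }
        System.out.println(PROP + " = " + Security.getProperty(PROP));
        System.out.println("default client protocols = " + defaultClientProtocols());
    }
}
```

On a JDK from before the change, --disable should drop TLSv1 and TLSv1.1 from the reported list; on a JDK from after it, --reenable should bring them back. For a real deployment, rather than calling Security.setProperty from application code, you can keep the JDK's java.security untouched and run the JVM with -Djava.security.properties=/path/to/override.security, where that file contains just your own jdk.tls.disabledAlgorithms= line; the JVM applies it over the JDK defaults (security.overridePropertiesFile is true by default), and a restart of the Java process is still required for it to take effect.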

What error message might I get due to this?

Here's one you might see:

Unknown host: The server selected protocol version TLS10 is not accepted by client preferences [TLS13, TLS12]

You might also get a javax.net.ssl.SSLHandshakeException.


TLSv1 and TLSv1.1 Disabled by Default in Java after April 2021 was first published on April 15, 2021.



Thanks as always, Pete. And lest any miss the point, this will "be default" only in releases CREATED "after April 20, 2021".

(It's my experience with news like this that some readers could miss such a point and be fearing that this change might "just happen" to them, even without updating the JVM version.)

So to be clear: folks using Java 11.0.10 or Java 1.8.0_281 or earlier (the current Java "long term support releases") are unaffected, until those are updated and one implements that update.

But great point about how to go about "trying" the change before a subsequent update forces the change.
by Charlie Arehart on 04/15/2021 at 10:40:20 PM UTC
And now we can report that yep, a week after this post, Oracle DID create a new JVM version, and in it they DO confirm that they added those TLS versions to the file, and that "If you encounter issues, you can, at your own risk, re-enable the versions by removing "TLSv1" and/or "TLSv1.1" from the jdk.tls.disabledAlgorithms security property in the configuration file."

For more on the JVM updates (especially from the perspective of CF users), see a post I did:
by Charlie Arehart on 04/28/2021 at 8:54:38 PM UTC
Does anyone know if changing the jdk.tls.disabledAlgorithms security property requires a reboot of the operating system?
by Adam on 05/28/2021 at 8:14:01 PM UTC
@Adam - changing jdk.tls.disabledAlgorithms should not require an OS reboot, but you will need to restart whatever java processes you have running.
by Pete Freitag on 06/02/2021 at 4:15:04 PM UTC
