How to Disable a Specific Cipher Suite from CSR Communication
From Content Security Reporter 2.8 and later.
- Navigate to C:\Program Files\Skyhigh\Content Security Reporter\jre\lib\security folder.
- Open the java.security file with an editor of your choice.
- Search for the jdk.tls.disabledAlgorithms entry.
The current default entry is:
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
- Add the information as a comma separated entry to jdk.tls.disabledAlgorithms=
For example, to disable TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, add the following, comma-separated entry:
jdk.tls.disabledAlgorithms=SSLv3, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, RC4, DES, MD5withRSA, DH keySize < 1024, \ EC keySize < 224, 3DES_EDE_CBC, anon, NULL
- Save the file and restart the CSR service.