Wednesday, January 30, 2019

Java disabled certain TLS/SSL algorithms - enable them back

Now hear this.. You know it yourself: You have a server. Not a really old one, just a bit old. It has IPMI/ILO or whatever they call the Java remote console. And it stopped working (you can run the Java client app, but it fails to connect) with the modern Ubuntu installs as a client. What the fuck, you say... Well, the problem is:

01/30/2019 08:38:17:859:  Connection failed with exception: 
No appropriate protocol (protocol is disabled or cipher
suites are inappropriate)
The solution?: Comment out the algorithm disabling line in /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/java.security
#jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, \
#DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC