Posts tagged: java

Enabling MD5withRSA in newer versions of Java

By , 2018-04-08 10:28

Oracle have decided to disable access to Java apps that use MD5withRSA signatures. For instance, when launching the .jnlp file to connect to my Lantronix Spider remote KVM, I am presented with this error:

To fix this, we have to change Java’s security settings. Unfortunately, settings for signature algorithms are not in the Java Control Panel, so we have to edit the config files directly.

On macOS, the default JRE installation’s root directory ($JAVA_HOME) is

/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home

on Windows, it would be

C:\Program Files\Java\jre1.8.0_131

where “1.8.0_131” is your specific Java version, and on Linux, JRE is installed in

/usr/lib/jvm/java-1.7.0-openjdk-amd64

once again where “1.7.0-openjdk-amd64” is your specific Java version.

In the JRE directory, we then need to edit the file

$JAVA_HOME/lib/security/java.security

and comment out the line that starts with “jdk.jar.disabledAlgorithms” by prefixing a #. Note that this will allow jar files signed with any algorithms to run, which can be considered insecure.

Sources:

  • https://learningintheopen.org/2017/11/03/java-jnlp-error-weak-signature-algorithm-md5withrsa/
  • https://stackoverflow.com/questions/15826202/where-is-java-installed-on-mac-os-x

Custom theme by me. Based on Panorama by Themocracy