Enabling MD5withRSA in newer versions of Java
Oracle have decided to disable access to Java apps that use MD5withRSA signatures. For instance, when launching the .jnlp file to connect to my Lantronix Spider remote KVM, I am presented with this error:
To fix this, we have to change Java’s security settings. Unfortunately, settings for signature algorithms are not in the Java Control Panel, so we have to edit the config files directly.
On macOS, the default JRE installation’s root directory ($JAVA_HOME) is
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home
on Windows, it would be
C:\Program Files\Java\jre1.8.0_131
where “1.8.0_131” is your specific Java version, and on Linux, JRE is installed in
/usr/lib/jvm/java-1.7.0-openjdk-amd64
once again where “1.7.0-openjdk-amd64” is your specific Java version.
In the JRE directory, we then need to edit the file
$JAVA_HOME/lib/security/java.security
and comment out the line that starts with “jdk.jar.disabledAlgorithms” by prefixing a #. Note that this will allow jar files signed with any algorithms to run, which can be considered insecure.
Sources:
- https://learningintheopen.org/2017/11/03/java-jnlp-error-weak-signature-algorithm-md5withrsa/
- https://stackoverflow.com/questions/15826202/where-is-java-installed-on-mac-os-x