Details
-
Backport
-
Status: Resolved
-
P3
-
Resolution: Delivered
-
7u401, 8u391, 11.0.21-oracle, 17.0.9-oracle, 21
Description
The JDK implementation of TLS 1.2 now uses a default Diffie Hellman keysize of 2048 bits when a TLS_DHE cipher suite is negotiated.
As a workaround, users can revert to the previous size by setting the `jdk.tls.ephemeralDHKeySize` system property to 1024 (at their own risk).
As a workaround, users can revert to the previous size by setting the `jdk.tls.ephemeralDHKeySize` system property to 1024 (at their own risk).
Attachments
Issue Links
- backport of
-
JDK-8302171 Release Note: The Default TLS Diffie-Hellman Group Size Has Been Increased from 1024-bit to 2048-bit
-
- Resolved
-