# HG changeset patch
# User mullan
# Date 1489494903 14400
# Node ID 0462723a58ef917dffbb97b29159be95d445f853
# Parent  b128e61f230e05c00bef6103b861f384ff9554d2
8176503: Disable SHA-1 TLS Server Certificates
Reviewed-by: vinnie, ascarpino

diff -r b128e61f230e -r 0462723a58ef jdk/src/java.base/share/conf/security/java.security
--- a/jdk/src/java.base/share/conf/security/java.security	Mon Mar 13 13:38:14 2017 -0700
+++ b/jdk/src/java.base/share/conf/security/java.security	Tue Mar 14 08:35:03 2017 -0400
@@ -598,8 +598,8 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
-    DSA keySize < 1024, EC keySize < 224
+jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
+    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
 
 #
 # Algorithm restrictions for signed JAR files