Keeping Java Secure
The Java API offers several cryptographic features to help keep your applications secure. Best practices for maintaining the security of such Java applications include properly configuring them to use the correct cryptographic algorithms and security settings, and protecting the Java environment against vulnerabilities by keeping it up-to-date. Applications should also be developed using security best practices.
For help configuring your applications, see this site's sections on Cryptography, Trust Management, and X.509 Certificates.
To learn how to keep your application and environment safe, see the section on Vulnerability Protection.
For information on writing secure applications, please see the Secure Coding Guidelines for Java SE and the Security Developer's Guide.
Cryptography
Learn about the Java Cryptography Architecture, TLS, SSL, and more.
Trust Management in the JDK Libraries
Trust stores, key stores, and PKCS#12.
X.509 Certificates
Resources on managing certificates and certificate signing requests.
Vulnerability Protection
Security alerts, and best practices and useful information for keeping your JDK secure.
Troubleshooting Security-Related Issues
Learn how to troubleshoot a variety of security-related issues.
java.security
Learn how to find and use the java.security file.
Security Baselines
The Security Baselines provide a way for developers, and the JDK installer, to determine if a version of the JDK is up-to-date and has the latest security fixes.