TLS 1.0 and TLS 1.1 are Disabled by Default in April 2021 Critical Patch Update


Applies To

Java SE JDK and JRE - Version 7 to 11, any platform


Introduction

This article covers the disabling of TLS protocol versions 1.0 and 1.1, which is part of the April 2021 Critical Patch Update (CPU). TLS stands for Transport Layer Security. TLS evolved from the Secure Sockets Layer (SSL) protocol and is specified by the Internet Engineering Task Force (IETF) standards body. These protocols are intended to provide confidentiality, authenticity, and message integrity for communications between client and server applications over a network.

This article supplements the existing Java SE documentation on the Oracle JRE and JDK Cryptographic Roadmap. It explains how an already announced change to the support for two TLS protocol versions was implemented. For customers who still need to use these weaker protocol versions, a workaround is described.


How the Protocols are Disabled

The TLSv1.0 and TLSv1.1 protocols are disabled by default beginning with the April 2021 Java Critical Patch Update (CPU). The specific Java versions in the April 2021 CPU are JDK 7u301, JDK 8u291, and JDK 11.0.11. TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer considered secure and have been superseded by the more modern and secure TLS 1.2 and TLS 1.3. The protocols were disabled by adding TLSv1 and TLSv1.1 to the end of the jdk.tls.disabledAlgorithms property in the java.security file (other entries may also be present in the list shipped with your exact release). Because this property is a JVM-wide policy, it applies to both the client and the server side of a TLS connection: a JVM on an updated release neither offers TLS 1.0/1.1 in its ClientHello nor accepts them as a server, and an application that explicitly requests one of them fails its handshake.

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, 3DES_EDE_CBC, anon, NULL, TLSv1, TLSv1.1

Re-Enabling TLS 1.0 and TLS 1.1

These protocols are still supported but are no longer enabled by default. You can enable them by reversing the change that was made to the java.security configuration file. Note that this edit affects every application run from that Java installation, so treat it as a temporary measure while the peer that still requires TLS 1.0 or 1.1 is upgraded. The location of the file depends on your operating system and version of Java.

Linux:

  • JDK 11: <JDK_HOME>/jdk-11.<VERSION>/conf/security/java.security
  • JDK 7 and 8: <JDK_HOME>/jre/lib/security/java.security

Windows:

  • JDK 11: <JDK_HOME>\jdk-11.<VERSION>\conf\security\java.security
  • JDK 8: C:\Program Files\Java\jdk1.8.0_<VERSION>\jre\lib\security\java.security

To reverse the change:

  1. Make a backup copy of the java.security file for safety.
  2. Edit the java.security file. Administrator (or root) permissions are usually required.
  3. Remove “TLSv1, TLSv1.1” from the end of the list for the jdk.tls.disabledAlgorithms property. Remove only those two tokens; leave the remaining entries, and any trailing backslash that continues the value on the next line, intact.

The jdk.tls.disabledAlgorithms property should now look like:

jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, 3DES_EDE_CBC, anon, NULL
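To confirm what the property actually does in the running JVM, the following program (an added example, not code from the Oracle article) prints the protocol versions the JVM supports next to those the default SSLContext enables. After the April 2021 CPU, TLSv1 and TLSv1.1 appear in the first list but not the second, which is what "supported but not enabled by default" means in practice; run it once before and once after editing java.security to verify the change took effect. Its --allow-legacy flag demonstrates an alternative to editing the installed file: overriding jdk.tls.disabledAlgorithms with java.security.Security.setProperty for one process only, which must happen before any TLS code runs. The class name and the flag are assumptions made for this illustration.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;

/**
 * Reports which TLS protocol versions this JVM supports and which ones the
 * default SSLContext enables, so the effect of jdk.tls.disabledAlgorithms can
 * be confirmed before and after editing java.security.
 *
 * Run with "--allow-legacy" to strip TLSv1 and TLSv1.1 from the property for
 * this process only, as an alternative to editing the installed file.
 * Added example, not code from the Oracle article; the class name and the
 * "--allow-legacy" flag are assumptions made for this illustration.
 * Written against the Java 7 language level so it runs on all affected JDKs.
 */
public class TlsProtocolCheck {

    static final String PROP = "jdk.tls.disabledAlgorithms";

    /** Returns the property value with the TLSv1 and TLSv1.1 tokens removed. */
    static String withoutLegacyTls(String disabled) {
        List<String> keep = new ArrayList<String>();
        for (String token : disabled.split(",")) {
            String t = token.trim();
            if (t.isEmpty() || t.equals("TLSv1") || t.equals("TLSv1.1")) {
                continue;
            }
            keep.add(t);
        }
        StringBuilder sb = new StringBuilder();
        for (String t : keep) {
            if (sb.length() > 0) {
                sb.append(", ");
            }
            sb.append(t);
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        boolean allowLegacy = args.length > 0 && "--allow-legacy".equals(args[0]);

        // Reading the property loads java.security (and any override file).
        String disabled = Security.getProperty(PROP);
        if (disabled == null) {
            disabled = "";
        }
        System.out.println(PROP + " (from java.security):");
        System.out.println("  " + disabled);

        if (allowLegacy) {
            // The override must be installed before any JSSE class reads the
            // property: the constraints are parsed once and cached for the
            // life of the JVM, so do this before the first SSLContext call.
            Security.setProperty(PROP, withoutLegacyTls(disabled));
            System.out.println(PROP + " (overridden for this process):");
            System.out.println("  " + Security.getProperty(PROP));
        }

        SSLContext ctx = SSLContext.getDefault();
        List<String> supported = Arrays.asList(ctx.getSupportedSSLParameters().getProtocols());
        List<String> enabled = Arrays.asList(ctx.getDefaultSSLParameters().getProtocols());
        System.out.println("Supported protocols: " + supported);
        System.out.println("Enabled by default:  " + enabled);

        boolean legacyEnabled = enabled.contains("TLSv1") || enabled.contains("TLSv1.1");
        if (legacyEnabled) {
            System.out.println("WARNING: TLSv1 and/or TLSv1.1 are in the default enabled set of this JVM.");
        } else {
            System.out.println("OK: TLSv1 and TLSv1.1 are not in the default enabled set.");
        }
        // Non-zero exit lets a deployment script fail when legacy TLS is on.
        System.exit(legacyEnabled ? 1 : 0);
    }
}
```

Compile and run with javac TlsProtocolCheck.java and java TlsProtocolCheck, then again with java TlsProtocolCheck --allow-legacy to see the per-process override. The same per-process override can also be applied without code changes by putting the edited jdk.tls.disabledAlgorithms line in a separate properties file and starting the JVM with -Djava.security.properties=<file>, which leaves the installed java.security untouched.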

Potential Errors

Here are some example errors that could be seen in output logs when a client running an updated JDK connects to a server that still selects TLSv1.1. In this case, extra debug information was captured by starting both applications with the Java debug option -Djavax.net.debug=all. The log format shown is that of JDK 8; the JDK 11 debug output and exception messages are worded differently, but the failure is the same: the server chose TLSv1.1 in its ServerHello, the client rejected that version and sent a fatal handshake_failure alert, and the server reports the received alert.

Client Side:

main, READ: TLSv1.1 Handshake, length = 888
check handshake state: server_hello[2]
*** ServerHello, TLSv1.1
RandomCookie: GMT: 1618423211 bytes = { 30, 113, 151, 95, 156, 214, 154, 91, 166, 115, 14, 53, 142, 184, 9, 129, 223, 133, 176, 24, 228, 145, 56, 77, 170, 80, 187, 98 }
Session ID: {96, 119, 46, 171, 237, 54, 176, 252, 198, 118, 60, 108, 237, 147, 194, 99, 223, 230, 72, 1, 32, 142, 101, 215, 123, 116, 158, 59, 91, 41, 124, 127}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension extended_master_secret
***
main, handling exception: javax.net.ssl.SSLHandshakeException: Server chose TLSv1.1, but that protocol version is not enabled or not supported by the client.
main, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
main, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28 ......(
main, called closeSocket()
javax.net.ssl.SSLHandshakeException: Server chose TLSv1.1, but that protocol version is not enabled or not supported by the client.

Server Side:

main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.1 ALERT: fatal, handshake_failure
%% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2020)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1127)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)
at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)
at java.io.BufferedWriter.flush(BufferedWriter.java:254)
at EchoServer.main(EchoServer.java:41)
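The logs above come from two JVMs at different patch levels, which cannot be reproduced inside a single process. The other common symptom, an application that hard-codes TLSv1 or TLSv1.1 through setEnabledProtocols and fails on the updated JDK even though the peer supports TLS 1.2, can be shown offline. The program below (an added example, not code from the Oracle article) drives a client SSLEngine for each version into a byte buffer, so no socket is opened; JSSE throws an SSLHandshakeException before producing a ClientHello when every protocol the application enabled is disabled by jdk.tls.disabledAlgorithms. The class name, the placeholder peer name example.invalid and the output wording are assumptions.

```java
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

/**
 * Shows, without any network connection, what an application gets when it
 * pins a TLS version that jdk.tls.disabledAlgorithms has disabled. A client
 * SSLEngine restricted to one protocol is asked to produce its ClientHello
 * into a buffer; JSSE refuses before writing anything if every enabled
 * protocol is disabled by policy.
 *
 * Added example, not code from the Oracle article. The class name, the
 * placeholder peer "example.invalid" and the output wording are assumptions.
 */
public class LegacyProtocolProbe {

    /**
     * Attempts to start a client handshake limited to {@code protocol}.
     * Returns null if a ClientHello was produced, otherwise the reason the
     * handshake could not start.
     */
    static String probe(String protocol) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        // The peer is never contacted; the name only seeds SNI in the ClientHello.
        SSLEngine engine = ctx.createSSLEngine("example.invalid", 443);
        engine.setUseClientMode(true);
        // This is what a legacy application does when it hard-codes the version.
        engine.setEnabledProtocols(new String[] { protocol });

        ByteBuffer appData = ByteBuffer.allocate(0);
        ByteBuffer netData = ByteBuffer.allocate(32 * 1024); // far more than a ClientHello needs
        try {
            engine.beginHandshake();
            SSLEngineResult result = engine.wrap(appData, netData);
            if (result.bytesProduced() == 0) {
                return "no ClientHello produced (status " + result.getStatus() + ")";
            }
            return null;
        } catch (SSLException e) {
            // SSLHandshakeException is raised here when the policy leaves no usable protocol.
            return e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        String[] versions = args.length > 0 ? args : new String[] { "TLSv1.2", "TLSv1.1", "TLSv1" };
        for (String v : versions) {
            String failure = probe(v);
            System.out.println(v + ": " + (failure == null ? "ClientHello produced" : "refused: " + failure));
        }
    }
}
```

With the java.security shipped in the April 2021 CPU, TLSv1.2 produces a ClientHello while TLSv1.1 and TLSv1 are refused with a message stating that the protocol is disabled (on JDK 8u291 and 11.0.11 it reads "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"); after the two versions are re-enabled as described above, all three succeed. Searching application logs for that message is a quicker way to find code that pins a legacy version than enabling -Djavax.net.debug=all.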


Last reviewed: 1 February 2025 (UTC)