Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
By Pete Freitag
Starting with Java 1.8.0_151 and 1.8.0_152 there is a new somewhat easier way to enable the unlimited strength jurisdiction policy for the JVM. Without enabling this you cannot use AES-256 for example.
First download the JRE, I like to use the
server-jre for servers. When you extract the server-jre look for the file
java.security in the
jre/lib/security folder. For example for Java 1.8.0_152 the file structure looks like this:
/jdk1.8.0_152 |- /jre |- /lib |- /security |- java.security
java.security with a text editor and look for the line that defines the java security property
crypto.policy it can have two values
unlimited - the default is
By default you should find a commented out line:
You can enable unlimited by uncommenting that line, remove the
Now restart your java applications that point to the JVM and you should be all set.
Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151 was first published on October 19, 2017.
If you like reading about java, jre, security, or crypto then you might also like:
- Java 9 Security Enhancements
- Spring4Shell and ColdFusion
- Log4j 1.x Vulnerability Mitigation Guide
- Log4Shell Vulnerability Timeline
Weekly Security Advisories Email
Advisory Week is a new weekly email containing security advisories published by major software vendors (Adobe, Apple, Microsoft, etc).