SSL handshake exception: “Algorithm constraints check failed: MD5withRSA”

Question

I tried to install Oracle Entitlements Server Client. When I call

config.cmd -smConfigId Sample-SM -prpFileName C:\\oracle\\product\\11.1.2\\as_1\\oessm\\SM         


        

Answer 1

The problem is caused by Oracle disabling hash algorithms which are no longer considered to be secure. Take a look at

JRE_HOME/lib/security/java.security

It contains the following properties:

jdk.certpath.disabledAlgorithms
jdk.tls.disabledAlgorithms

You can adjust them appropriately. For example, remove MD5 from the former and MD5withRSA from the latter.

Hint for docker images:

there is additional config file /etc/crypto-policies/back-ends/java.config in some docker images like keycloak in my case which overrides values in java.security