Skip to content

Instantly share code, notes, and snippets.

@tkaczenko

tkaczenko/cert-path-validator-exception.md

Last active March 25, 2024 14:22
Show Gist options
  • Save tkaczenko/358861623ee599449c18ef9a0678f3de to your computer and use it in GitHub Desktop.
Save tkaczenko/358861623ee599449c18ef9a0678f3de to your computer and use it in GitHub Desktop.
Download ZIP
CertPathValidatorException: Algorithm constraints check failed on keysize limits: RSA 1024 bit key used with certificate: CN=SSL_Self_Signed_Fallback
Raw
cert-path-validator-exception.md

How to resolve CertPathValidatorException: Algorithm constraints check failed on keysize limits: RSA 1024 bit key used with certificate: CN=SSL_Self_Signed_Fallback?

Root cause of this issue lies on diferrences between SSL certificate and specified Java security policies.

The simpliest way to resolve it is disabling crypto-policies alignment, but It might be not a solution in some cases:

-Djava.security.disableSystemPropertiesFile=true

In my case, It was a solution.

Sources:

java.security.disableSystemPropertiesFile

  • System property passed to the JVM as an argument. For example, -Djava.security.disableSystemPropertiesFile=true.
  • Non-privileged access is enough.
  • Non-persistent configuration.
  • When set to true, both the global FIPS and the crypto-policies alignment are disabled; generating the same effect than a security.useSystemPropertiesFile=false security property. If both properties are set to different behaviors, java.security.disableSystemPropertiesFile overrides. By default, it is set to false.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment