I have created OpenJDK 6 packages for Precise and Wily (should run on Vivid as well) with TLS 1.1 enabled by default and a OpenJDK 7 package for Wily with TLS 1.2 enabled by default as well. If you can, please test those and let me know the results.
As for RC4, it has been fully disabled upstream now [1,2,3,4]. In particular:
* 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list
* 8050158: Introduce system property to maintain RC4 preference order
* 8043201: Deprecate RC4 in SunJSSE provider
* 8043202: Prohibit RC4 cipher suites
In order to use RC4 it seems that you need to set the system property "jdk.tls.preserveRC4CipherSuites" to "true" and make sure the algorithm you want to use is listed under "jdk.tls.legacyAlgorithms" in the java.security file (for Ubuntu it will be at /etc/java-7-openjdk/security/java.security or /etc/java-6-openjdk/security/java.security). Algorithms in jdk.tls.legacyAlgorithms will be tried only after exhausting all other options.
I have created OpenJDK 6 packages for Precise and Wily (should run on Vivid as well) with TLS 1.1 enabled by default and a OpenJDK 7 package for Wily with TLS 1.2 enabled by default as well. If you can, please test those and let me know the results.
$ sudo add-apt-repository ppa:tdaitx/openjdk
See repo at https:/ /launchpad. net/~tdaitx/ +archive/ ubuntu/ openjdk
As for RC4, it has been fully disabled upstream now [1,2,3,4]. In particular:
* 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list
* 8050158: Introduce system property to maintain RC4 preference order
* 8043201: Deprecate RC4 in SunJSSE provider
* 8043202: Prohibit RC4 cipher suites
In order to use RC4 it seems that you need to set the system property "jdk.tls. preserveRC4Ciph erSuites" to "true" and make sure the algorithm you want to use is listed under "jdk.tls. legacyAlgorithm s" in the java.security file (for Ubuntu it will be at /etc/java- 7-openjdk/ security/ java.security or /etc/java- 6-openjdk/ security/ java.security) . Algorithms in jdk.tls. legacyAlgorithm s will be tried only after exhausting all other options.
[1] http:// blog.fuseyism. com/index. php/2015/ 07/30/security- icedtea- 1-13-8- for-openjdk- 6-released/ blog.fuseyism. com/index. php/2015/ 07/23/security- icedtea- 2-5-6-for- openjdk- 7-released/ mail.openjdk. java.net/ pipermail/ jdk6-dev/ 2015-August/ 003540. html mail.openjdk. java.net/ pipermail/ jdk7u-dev/ 2015-August/ 010390. html
[2] http://
[3] http://
[4] http://