Experiance of migrating MFT from Java 7 to Java 8

Post any question you may have in regards to GoAnywhere MFT and let our talented support staff and other users assist you.
If you need a quicker response, please create a support ticket via the customer portal my.goanywhere.com or contact our support team by email at [email protected].
2 posts Page 1 of 1

kmidderigh

Posts: 2
Joined: Mon Jan 26, 2015 11:41 am

Post by kmidderigh » Wed Jul 27, 2016 11:21 am
We are currently planning the migration of our MFT instances from Java 7 to Java 8 to resolve some negotiation failures when connecting with external clients via SFTP

However I am concerned that external clients with older Java installations maybe impacted by this migration.

The default Java 8 Security policy files includes some settings to allow customisation of the algorithms (as below) :

dk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768

jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC

I’d be very interested to hear about issues other MFT customers might have encountered during similar migrations and any adjustment to the settings above that were made to resolve issues (and any advice you can provide in this area – to allow the maximum backward compatibility with Java 7 security settings)

We haven’t encountered any specific issues so far but I’d like to be prepared before we deploy Java 8 to a busy testing environment.

Thanks :-)

Support_Rick

Support Specialist
Posts: 590
Joined: Tue Jul 17, 2012 2:12 pm
Location: Phoenix, AZ

Post by Support_Rick » Mon Aug 01, 2016 6:16 pm
kmidderigh

Currently, there haven't been any issues that have been brought to our attention other than the ones you have identified. They mostly involve outdated (weak) algorithms and the ability to handle such connections. You have identified how those are addressed by modification of the java.security file.

Please contact our support department if you have specific situations or instances that you would like reviewed by our technical staff.
Rick Elliott
Lead Solutions Consultant
(402) 944.4242
(800) 949-4696
2 posts Page 1 of 1