Brocade SANswitch Explorer and Java 7

User Rating: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
Published: Sunday, 09 February 2014 13:06

It's been a while since my last blog post so now it really gets time to put some new stuff on my blog.

If you are a Brocade SAN administrator you probably ran into this issue if you keep your programs on your workstation up to date.

Since Java suffers a lot of security issues, Oracle enforced a higher security level by disabling java applets that are not encrypted with a strong cypher. To be a bit more detailed, Java disables all applets with weaks cyperhs below 1024 bits.

Obviously, Brocade uses these weak cyphers even in quite new versions of their SANswitchExplorer software. So starting the applet as usual with a quite recent Java 6 or 7 version will end in a tiny error message that this applet is disallowed to run.

Lowering the security level within the Java configuration GUI (via Windows control panel) doesn't have any effect, the applet won't still run.

The only way to allow the weak cyphers Brocades uses ist to edit the file at C:\Program files\Java\JRE7\lib\security. (if you use 32bit Java then look at C:\Program files(x86)\Java\JRE7....)

Search for the line:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

and change the keySize to something below 512, eg.g. 256. Your new line now looks like:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 256

Save the file, close all browser windows, kill all remaining java processes within the task manager and restart the SANswitch Explorer applet.

Now everything should as usually.

This way you can use the latest Java version with all the really important bugfixes and, at the same time, still are able to use the older Brocade SANswitch applets.