Our security program flagged our Java-server for using static key ciphers. Thus I added these algorithms to the jdk.tls.disabledAlgorithms inside of java.security:
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
Because the servers are only scanned once a week, I cannot check the security portal to see if the changes were applied.
Do I have to restart the Java-server, reload the java.security file somehow or do these changes directly apply?