Deprecation of RC4 HMAC cipher for Kerberos in newer Java

Owned by Elias Brattli Sørensen
Last updated: Dec 13, 2022
1 min read

If you’re running or planning to run newer Java on your cluster, the RC4 HMAC cipher for Kerberos is deprecated from Java 17, and in the backports 7u361, 8u351 and 11.0.17-oracle. This means that Kerberos authentication will stop working when you upgrade to or above one of these Java versions if you have selected RC4 as the encryption type. You may read this release note from OpenJDK for more details: https://bugs.openjdk.org/browse/JDK-8289089.