Similar to the steps outlined in the Set the Security Protocol document for the Controller, you can also set the security protocol or update the existing security protocol used by the EUM Server. The document link above refers to changing these settings for the Controller. However, these can be applied when setting the JRE security protocol for the EUM Server. The location of the JRE installation and java.securityfile for the EUM Server is the major difference to keep in mind when following the steps for the Controller. The process is still the same.
To enable encryption keys up to 256-bit in the EUM Server, download and install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files within the EUM Server's embedded Java runtime.
Extract the contents of the downloaded policy files.
Stop the EUM app server.
Make a copy of the original JCE policy files (US_export_policy.jar and local_policy.jar).
Replace the strong policy files in EUM Server's <java-home>\lib\security directory with the unlimited strength versions extracted during Step 2.
From the EUM Server's <java-home>\lib\security directory, make a copy of the java.security file and add the line jdk.tls.disabledAlgorithms=MD5, SHA1, DSA, DES RSA keySize < 2048 to the original file.
Save the changes.
Start the EUM app server.
As always, when making a change that will affect the availability and security of a production environment, we recommend testing in a development/pre-prod environment first to ensure you get the results you expect. Once verified outside of production, you can then follow the same steps in the live production environment. Precautionary measures such as backing up the original file before modification are always a good idea.