1. Supportability Matrix for CA Service Desk Manager 14.1:
URL: https://docops.ca.com/ca-service-management/14-1/en/release-information/supportability-matrix#SupportabilityMatrix-Third-PartyCommonComponents
Under "Third-Party Common Components Support", the table shows that for the row named "Java Runtime Environment (JRE) and the column named "CA Service Desk Manager 14.1", the JRE version is 1.8.0_45 (32-bit).
On this page is the following note:
"Note: CA Service Management supports service packs and point releases not necessarily noted on this matrix as long as the problem reported is reproducible with versions that are listed on the support matrix. CA Technologies reserves the right to refuse support of new point releases should the reported problem require a major redesign to function properly. CA Support and Sustaining Engineering resolve any issue that occurs in a timely manner. If the resolution to a problem is determined to be outside the realm of their support responsibilities, they may ask that you escalate your request for certification to your local account team." -is-tomcat-upgraded-to-the-new-supported-version/KB000128856
2. To upgrade the JRE, perform steps like the ones documented for the upgrade of the JRE to 1.6.0_45. The URL in the documentation is:
https://docops.ca.com/ca-service-management/14-1/en/implementing/implementing-ca-service-management-14-1/step-4-install-or-upgrade/implementing-ca-service-desk-manager/how-to-install-ca-sdm/step-3-install-other-components#Step3-InstallOtherComponents-InstallandConfigureJRE1.8.0_45
3. To obtain the latest JRE, check this web page:
https://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html
4. Here is the URL of the release notes for JRE 1.8.0_161 and a relevant entry showing the change that makes unlimited cryptography the default starting with this JRE version.
https://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html#JDK-8170157
The relevant entry states:
"security-libs/javax.crypto
Unlimited cryptography enabled by default The JDK uses the Java Cryptography Extension (JCE) Jurisdiction Policy files to configure cryptographic algorithm restrictions. Previously, the Policy files in the JDK placed limits on various algorithms. This release ships with both the limited and unlimited jurisdiction policy files, with unlimited being the default. The behavior can be controlled via the new 'crypto.policy' Security property found in the /lib/java.security file. Please refer to that file for more information on this property."