diff --git a/TestSecurityProperties.java b/TestSecurityProperties.java
new file mode 100644
index 0000000..06a0b07
--- /dev/null
+++ b/TestSecurityProperties.java
@@ -0,0 +1,43 @@
+import java.io.File;
+import java.io.FileInputStream;
+import java.security.Security;
+import java.util.Properties;
+
+public class TestSecurityProperties {
+    // JDK 11
+    private static final String JDK_PROPS_FILE_JDK_11 = System.getProperty("java.home") + "/conf/security/java.security";
+    // JDK 8
+    private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
+
+    public static void main(String[] args) {
+        Properties jdkProps = new Properties();
+        loadProperties(jdkProps);
+        for (Object key: jdkProps.keySet()) {
+            String sKey = (String)key;
+            String securityVal = Security.getProperty(sKey);
+            String jdkSecVal = jdkProps.getProperty(sKey);
+            if (!securityVal.equals(jdkSecVal)) {
+                String msg = "Expected value '" + jdkSecVal + "' for key '" + 
+                             sKey + "'" + " but got value '" + securityVal + "'";
+                throw new RuntimeException("Test failed! " + msg);
+            } else {
+                System.out.println("DEBUG: " + sKey + " = " + jdkSecVal + " as expected.");
+            }
+        }
+        System.out.println("TestSecurityProperties PASSED!");
+    }
+    
+    private static void loadProperties(Properties props) {
+        String javaVersion = System.getProperty("java.version");
+        System.out.println("Debug: Java version is " + javaVersion);
+        String propsFile = JDK_PROPS_FILE_JDK_11;
+        if (javaVersion.startsWith("1.8.0")) {
+            propsFile = JDK_PROPS_FILE_JDK_8;
+        }
+        try (FileInputStream fin = new FileInputStream(new File(propsFile))) {
+            props.load(fin);
+        } catch (Exception e) {
+            throw new RuntimeException("Test failed!", e);
+        }
+    }
+}
diff --git a/java-1.8.0-openjdk.spec b/java-1.8.0-openjdk.spec
index cbaf745..b98b98b 100644
--- a/java-1.8.0-openjdk.spec
+++ b/java-1.8.0-openjdk.spec
@@ -991,7 +991,7 @@ Provides: java-%{javaver}-%{origin}-accessibility = %{epoch}:%{version}-%{releas
 
 Name:    java-%{javaver}-%{origin}
 Version: %{javaver}.%{updatever}.%{buildver}
-Release: 4%{?dist}
+Release: 5%{?dist}
 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
 # and this change was brought into RHEL-4. java-1.5.0-ibm packages
 # also included the epoch in their virtual provides. This created a
@@ -1052,6 +1052,9 @@ Source13: TestCryptoLevel.java
 # Ensure ECDSA is working
 Source14: TestECDSA.java
 
+# Verify system crypto (policy) can be disabled via a property
+Source15: TestSecurityProperties.java
+
 Source20: repackReproduciblePolycies.sh
 
 # New versions of config files with aarch64 support. This is not upstream yet.
@@ -1857,6 +1860,10 @@ $JAVA_HOME/bin/java TestCryptoLevel
 $JAVA_HOME/bin/javac -d . %{SOURCE14}
 $JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||")
 
+# Verify system crypto (policy) can be disabled
+$JAVA_HOME/bin/javac -d . %{SOURCE15}
+$JAVA_HOME/bin/java -Djava.security.disableSystemPropertiesFile=true $(echo $(basename %{SOURCE15})|sed "s|\.java||")
+
 # Check debug symbols are present and can identify code
 find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib
 do
@@ -2321,6 +2328,9 @@ require "copy_jdk_configs.lua"
 %endif
 
 %changelog
+* Tue Feb 19 2019 Severin Gehwolf <sgehwolf@redhat.com> - 1:1.8.0.201.b09-5
+- Add a test verifying system crypto policies can be disabled
+
 * Tue Feb 19 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.201.b09-4
 - Add PR3655 to allow the system crypto policy to be turned off.