How to enable TLS 1 2 in Java 7

Question

I am trying to enable TLS 1 2 in my web app which uses JBoss 6 4 and Java 1 7  I have -Dhttp protocols   TLSv1 2 in my application environment but it doesn t seem to work for me    Is there anything I could do to enable TLS 1 2   I wrote a simple program   context   SSLContext getInstance  TLSv1 2    context init null null null   SSLContext setDefault context    SSLSocketFactory factory    SSLSocketFactory context getSocketFactory    SSLSocket socket    SSLSocket factory createSocket    protocols   socket getEnabledProtocols      After running this program within the app the TLS 1 2 gets enabled  I do not want to run this program but I want to directly enable it during app startup  Is there any way to do it

User · Answer

System setProperty  https protocols    TLSv1 2    worked in my case  Have you checked that within the application

User · Answer

The stated answers are correct  but I m just sharing one additional gotcha that was applicable to my case  in addition to using setProtocol withProtocol  you may have some nasty jars that won t go away even if have the right jars plus an old one   Remove   lt dependency gt       lt groupId gt commons-httpclient lt  groupId gt       lt artifactId gt commons-httpclient lt  artifactId gt       lt version gt 3 1 lt  version gt   lt  dependency gt    Retain   lt dependency gt       lt groupId gt org apache httpcomponents lt  groupId gt       lt artifactId gt httpclient lt  artifactId gt       lt version gt 4 5 2 lt  version gt   lt  dependency gt    lt dependency gt       lt groupId gt org apache httpcomponents lt  groupId gt       lt artifactId gt httpcore lt  artifactId gt       lt version gt 4 4 6 lt  version gt   lt  dependency gt    Java is backward compatible  but most libraries are not  Each day that passes the more I wish shared libraries were outlawed with this lack of accountability   Further info  java version  1 7 0 80  Java TM  SE Runtime Environment  build 1 7 0 80-b15  Java HotSpot TM  64-Bit Server VM  build 24 80-b11  mixed mode

User · Answer

To force enable TLSv1 2 in JRE7u 80 I had to use following code snippet before creating JDBC connection   import java security NoSuchAlgorithmException  import java security Provider  import javax net ssl SSLContextSpi  import sun security jca GetInstance  import sun security jca ProviderList  import sun security jca Providers   public static void enableTLSv12ForMssqlJdbc   throws NoSuchAlgorithmException       ProviderList providerList   Providers getProviderList        GetInstance Instance instance   GetInstance getInstance  SSLContext   SSLContextSpi class   TLS        for  Provider provider   providerList providers                  if  provider    instance provider                        provider put  Alg Alias SSLContext TLS    TLSv1 2                        Able to connect to Windows 10 with SQL server 2017  amp  TLSv1 2 enabled OS

User · Answer

There are many suggestions but I found two of them most common  Re  JAVA OPTS I first tried export JAVA OPTS  quot -Dhttps protocols SSLv3 TLSv1 TLSv1 1 TLSv1 2 quot  on command line before startup of program but it didn t work for me  Re  constructor Then I added the following code in the startup class constructor and it worked for me  try           SSLContext ctx   SSLContext getInstance  quot TLSv1 2 quot            ctx init null  null  null           SSLContext setDefault ctx     catch  Exception e            System out println e getMessage        Frankly  I don t know in detail why ctx init null  null  null   but all  SSL TLS  is working fine for me  Re  System setProperty There is one more option  System setProperty  quot https protocols quot    quot SSLv3 TLSv1 TLSv1 1 TLSv1 2 quot     It will also go in code but I ve not tried it

User · Answer

Add this parameter to JAVA OPTS or to the command line in Maven  -Dhttps protocols TLSv1 2

User · Answer

I had similar issue when connecting to RDS Oracle even when client and server were both set to TLSv1 2 the certs was right and java was 1 8 0 141 So Finally I had to apply patch at Java Cryptography Extension  JCE  Unlimited Strength Jurisdiction Policy Files  After applying the patch the issue went away and connection went fine

User · Answer

You can upgrade your Java 7 version to 1 7 0 131-b31  For JRE 1 7 0 131-b31 in Oracle site       TLSv1 2 and TLSv1 1 are now enabled by default on the TLS client   end-points  This is similar behavior to what already happens in JDK 8   releases

User · Answer

You should probably be looking to the configuration that controls the underlying platform TLS implementation via -Djdk tls client protocols TLSv1 2

User · Answer

Add following option for java application   -Dhttps protocols TLSv1 TLSv1 1 TLSv1 2

User · Answer

I solved this issue by using  Service setSslSecurityProtocol SSLSecurityProtocol TLSv1 2

[java] How to enable TLS 1.2 in Java 7

Examples related to java

Examples related to jboss

Examples related to java-7

Examples related to tls1.2