在使用JBoss6.4和Java1.7的web应用中,尝试启用TLS1.2未成功。尽管在应用环境中设置了-Dhttp.protocols=TLSv1.2,但并未生效。升级Java版本到1.7.0_131-b31可以默认启用TLSv1.2和TLSv1.1,与JDK8的行为相似。要避免运行额外程序并在启动时直接启用TLS1.2,可以考虑更新Java版本。
I am trying to enable TLS 1.2 in my web app which uses JBoss 6.4 and Java 1.7. I have -Dhttp.protocols = TLSv1.2 in my application environment but it doesn't seem to work for me.
Is there anything I could do to enable TLS 1.2?
I wrote a simple program
context = SSLContext.getInstance("TLSv1.2");
context.init(null,null,null);
SSLContext.setDefault(context);
SSLSocketFactory factory = (SSLSocketFactory)context.getSocketFactory();
SSLSocket socket = (SSLSocket)factory.createSocket();
protocols = socket.getEnabledProtocols();
After running this program within the app the TLS 1.2 gets enabled. I do not want to run this program but I want to directly enable it during app startup. Is there any way to do it?
解决方案
You can upgrade your Java 7 version to 1.7.0_131-b31
For JRE 1.7.0_131-b31 in Oracle site :
TLSv1.2 and TLSv1.1 are now enabled by default on the TLS client
end-points. This is similar behavior to what already happens in JDK 8
releases.
5938
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
