java 访问tls1.2_How to enable TLS 1.2 in Java 7

最新推荐文章于 2024-02-06 13:48:53 发布

weixin_39593427

最新推荐文章于 2024-02-06 13:48:53 发布

阅读量345

点赞数

文章标签： java 访问tls1.2

本文链接：https://blog.csdn.net/weixin_39593427/article/details/115044435

版权

可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效，请关闭广告屏蔽插件后再试):

问题:

I am trying to enable TLS 1.2 in my web app which uses JBoss 6.4 and Java 1.7. I have -Dhttp.protocols = TLSv1.2 in my application environment but it doesn't seem to work for me.

Is there anything I could do to enable TLS 1.2?

I wrote a simple program context = SSLContext.getInstance("TLSv1.2"); context.init(null,null,null); SSLContext.setDefault(context); SSLSocketFactory factory = (SSLSocketFactory)context.getSocketFactory(); SSLSocket socket = (SSLSocket)factory.createSocket(); protocols = socket.getEnabledProtocols();

After running this program within the app the TLS 1.2 gets enabled. I do not want to run this program but I want to directly enable it during app startup. Is there any way to do it?

回答1:

You can upgrade your Java 7 version to 1.7.0_131-b31

For JRE 1.7.0_131-b31 in Oracle site : TLSv1.2 and TLSv1.1 are now enabled by default on the TLS client end-points. This is similar behavior to what already happens in JDK 8 releases.

回答2:

There are many suggestions but I found two of them most common. I first tried export JAVA_OPTS="-Dhttps.protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2" on command line before startup of program but it didn't work for me.

Then I added following code in startup class constructor and it worked for me. try { SSLContext ctx = SSLContext.getInstance("TLSv1.2"); ctx.init(null, null, null); SSLContext.setDefault(ctx); } catch (Exception e) { System.out.println(e.getMessage()); }

Frankly I don't know in details why ctx.init(null, null, null); but all (SSL/TLS) are working fine for me.

There is one more option: System.setProperty("https.protocols", "SSLv3,TLSv1,TLSv1.1,TLSv1.2");. It will also go in code but I've not tried it.

回答3:

System.setProperty(“https.protocols”, “TLSv1.2”); worked in my case. Have you checked that within the application?

回答4:

Add this parameter to JAVA_OPTS or to the command line in maven: -Dhttps.protocols=TLSv1.2

回答5:

Add following option for java application: -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2