• Post Reply Bookmark Topic Watch Topic
  • New Topic

How to set TLS1.2 version in Java7  RSS feed

 
Appasaheb Neelawani
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Environment details.

java version "1.7.0_40" Java(TM) SE Runtime Environment (build 1.7.0_40-b43) Java HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode).

We are using jboss-4.2.3.GA and Thick client using ejb3.

And we have tried to set the TLS1.2 version in the following way.

1) Control Panel --> Programs-->Java-->Advanced Tab-->Advanced Security Settings checked the TLS1.1 and TLS1.2 and unchecked the remaining old versions. But still in Wire shark software we are seeing client is talking to server in TLSV1 only.

2) -Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false -Ddeployment.security.TLSv1.1=true -Ddeployment.security.TLSv1.2=true

Given in the startup script,but in Wire shark software we are seeing client is talking to server in TLSV1 only.

Reference link : http://superuser.com/questions/747377/enable-tls-1-1-and-1-2-for-clients-on-java-7

3) jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

in the jre/lib/security/java.security and jdk1.7.0_40/jre/lib/security/java.security. But still in Wire shark software we are seeing client is talking to server in TLSV1 only.

Reference link : How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections

Can somebody tell us how to enforce TLS1.2 version for both Client and Server.
 
K. Tsang
Bartender
Posts: 3648
16
Firefox Browser Java Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For your approach 3, the JVM needs to be 7u45 or later to work. Maybe updating to a later v7 SDK or v8 (uses TLSv1.2 by default according to Oracle). here
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!