Using TLS v1.1 or 1.2 with RPC Client

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Using TLS v1.1 or 1.2 with RPC Client

Amit Lonkar-2
Hi

Is there a way to set https transport to be TLSv1.1 or TLSv1.2 using the RPCClient? We are using Java 7. 

Exception: Received fatal alert: handshake_failure

With Java 7 even thought TLS1.1 and 1.2 are supported they are not enabled by default. I have tried various ways to enable these but with no luck.

Java 7 Supported Protocols: 5
 SSLv2Hello
 SSLv3
 TLSv1
 TLSv1.1
 TLSv1.2

Enabled Protocols: 1
 TLSv1

Solutions I have tried till now and have not worked:
1. Set -Dhttps.protocols=TLSv1.1,TLSv1.2 on the client.
2. java.lang.System.setProperty("https.protocols", "TLSv1.1");

Thanks
Amit
Reply | Threaded
Open this post in threaded view
|

RE: Using TLS v1.1 or 1.2 with RPC Client

Martin Gainty
as seen here Axis2 provider wss4j implements TLS v1.0 (rfc2246)

/**
     * The authentication was performed using either the SSL or TLS protocol with certificate 
     * based client authentication. TLS is described in [RFC 2246].
     */
    public static final String AUTH_METHOD_TLS_CLIENT = "urn:ietf:rfc:2246";

Unfortunately this wss4j version does not yet implement TLS v1.2 (rfc5246)

please ask wss4j users list which version of wss4j implements TLSv1.2 (rfc5246)

please convey that wss4j version information to this list when they reply to you

Regards
Martin 
______________________________________________




From: [hidden email]
Subject: Using TLS v1.1 or 1.2 with RPC Client
Date: Wed, 10 Aug 2016 14:17:15 -0600
To: [hidden email]

Hi

Is there a way to set https transport to be TLSv1.1 or TLSv1.2 using the RPCClient? We are using Java 7. 

Exception: Received fatal alert: handshake_failure

With Java 7 even thought TLS1.1 and 1.2 are supported they are not enabled by default. I have tried various ways to enable these but with no luck.

Java 7 Supported Protocols: 5
 SSLv2Hello
 SSLv3
 TLSv1
 TLSv1.1
 TLSv1.2

Enabled Protocols: 1
 TLSv1

Solutions I have tried till now and have not worked:
1. Set -Dhttps.protocols=TLSv1.1,TLSv1.2 on the client.
2. java.lang.System.setProperty("https.protocols", "TLSv1.1");

Thanks
Amit