SSL/TLS version compatibility?

Question

I have a client running on java 1.6 communication with a server running on java 1.8 via web services.

1) I would like to know if my client can support any SSL/TLS version?

2) How to find out my client is running on what SSL/TLS version supposed that I do not have access to the distant server?

3) Can I force the TLS/SSL version from a java client application?

Any help would be be great! Thank you!

score 2 · Accepted Answer · answered Dec 29 '15 at 09:54

2

SSLSocket provides a method getSupportedProtocols():

SSLSocketFactory sf = new SSLSocketFactoryImpl();
SSLSocket s = (SSLSocket) sf.createSocket();
System.out.println( Arrays.toString( s.getSupportedProtocols() )) ;

Output: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]

http://download.java.net/jdk7/archive/b123/docs/api/javax/net/ssl/SSLSocket.html#getSupportedProtocols%28%29

answered Dec 29 '15 at 09:54

sinclair

2,812
4
24
53

Thank you for your help! I have another question if you don't mind! I am using a jersey jackson library to communicate in a json format (Java1.6) with a distant server. What would be the impacts on my program if i use TLSV1.2 instead of the current one TLSv1? – MultiTask70 Dec 30 '15 at 09:10

SSL/TLS version compatibility?

1 Answers1