1

We have tried the below code to identify the protocols supported by the java version 1.7.0_79

SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket soc = (SSLSocket) factory.createSocket();

// Returns the names of the protocol versions which are
// currently enabled for use on this connection.
String[] protocols = soc.getEnabledProtocols();

System.out.println("Enabled protocols:");
for (String s : protocols) {
  System.out.println(s);
}

Output for the above program..

1.7.0_79 
Enabled protocols: 
TLSv1

In order to support TLSv1.1 we have tried following options

  • with reference to link executed program with -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 but it didn't work ,it show only the TLSv1.

  • Then with reference to link we added follow line 

    jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

in java.security which didn't help as well. Could someone help in identifying the changes to be done in jdk 1.7.0_79?

Community
  • 1
  • 1
Dhanraj MC
  • 21
  • 7

1 Answers1

1

you were almost there .You can disable TLSv1.0 by adding below entries in your code for JDK 1.7.0_79 

sslSocket.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});

for further explaination please refer here

Example

SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) factory.createSocket();
sslSocket.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
// Returns the names of the protocol versions which are
// currently enabled for use on this connection.
String[] protocols = sslSocket.getEnabledProtocols();

System.out.println("Enabled protocols:");
for (String s : protocols) {
  System.out.println(s);
}

Output-

Enabled protocols:
TLSv1.1
TLSv1.2

Other ways

In addition ,if you were allowed migrating to JDK1.8 then by default it disables TLSv1.0 and supports TLSv1.1,TLSv1.2

Prakash_se7en
  • 88
  • 2
  • 3
  • 16