New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to use protocol TLSv1.2 #18949
Comments
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
@glassfishrobot Commented |
|
We used https with GF-2.1 and Java6 and it worked fine, until we got TLS-1.2 clients. We upgraded to JDK 7, which supports TLSv1.2, and this solved our problem.
However, after an upgrade to GF-3.1.2, this does not work anymore.
I have tried to set https.protocols=TLSv1.2 in JMV properties, but this does not work.
Admin console only has a boolean parameter "Enable TLS" which is quite rough. It would be nice to define protocols like cipher suites, by cherry picking.
We managed to use TLSv1.2 (as a proof of concept) in a small test program inspired from grizzly-embed-samples v1.9.50. Source code sample :
final GrizzlyWebServer ws = new GrizzlyWebServer( port, path, true );
ws.setSSLConfig( getSSLConfig() ); // nothing important in there : only keystore & truststore
// THIS is required (at least the last protocol actually) :
( ( SSLSelectorThread ) ws.getSelectorThread() ).setEnabledProtocols( new String[]
{ "TLSv1", "TLSv1.1", "TLSv1.2" }
);
Tried also to patch class com.sun.enterprise.web.connector.coyote.PECoyoteConnector.configureSSL() in web-glue.jar (by replacing "TLSv1" with "TLSv1, TLSv1.1, TLSv1.2", but this does seem to work either.
Environment
Linux 32 bits / JDK 7u3
Affected Versions
[3.1.2]
The text was updated successfully, but these errors were encountered: