Unable to use protocol TLSv1.2 #18949
Comments
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
@glassfishrobot Commented |
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We used https with GF-2.1 and Java6 and it worked fine, until we got TLS-1.2 clients. We upgraded to JDK 7, which supports TLSv1.2, and this solved our problem.
However, after an upgrade to GF-3.1.2, this does not work anymore.
I have tried to set https.protocols=TLSv1.2 in JMV properties, but this does not work.
Admin console only has a boolean parameter "Enable TLS" which is quite rough. It would be nice to define protocols like cipher suites, by cherry picking.
We managed to use TLSv1.2 (as a proof of concept) in a small test program inspired from grizzly-embed-samples v1.9.50. Source code sample :
final GrizzlyWebServer ws = new GrizzlyWebServer( port, path, true );
ws.setSSLConfig( getSSLConfig() ); // nothing important in there : only keystore & truststore
// THIS is required (at least the last protocol actually) :
( ( SSLSelectorThread ) ws.getSelectorThread() ).setEnabledProtocols( new String[]
{ "TLSv1", "TLSv1.1", "TLSv1.2" }
);
Tried also to patch class com.sun.enterprise.web.connector.coyote.PECoyoteConnector.configureSSL() in web-glue.jar (by replacing "TLSv1" with "TLSv1, TLSv1.1, TLSv1.2", but this does seem to work either.
Environment
Linux 32 bits / JDK 7u3
Affected Versions
[3.1.2]
The text was updated successfully, but these errors were encountered: