Skip to content

Commit

Permalink
Bug: 476863 - Android Service is limited to SSL 3.0
Browse files Browse the repository at this point in the history 
I've set the SSL/TLS version to TLSv1. This is an immediate improvement over the very insecure SSLv1 that was previously allowed.
This should allow TLSv1 TLSV1.1 and TLSv1.2
Signed-off-by: James Sutton <james.sutton@uk.ibm.com>
  • Loading branch information
@jpwsutton
jpwsutton committed Nov 26, 2015
1 parent 2bd8b12 commit 450c508
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ...aho.android.service/src/main/java/org/eclipse/paho/android/service/MqttAndroidClient.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1667,7 +1667,7 @@ public SSLSocketFactory getSSLSocketFactory (InputStream keyStore, String passwo
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
tmf.init(ts);
TrustManager[] tm = tmf.getTrustManagers();
ctx = SSLContext.getInstance("SSL");
ctx = SSLContext.getInstance("TLSv1");
ctx.init(null, tm, null);

sslSockFactory=ctx.getSocketFactory();
Expand Down

0 comments on commit 450c508

Please sign in to comment.