Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Does not work #13

Closed
BruceZu opened this issue Dec 13, 2019 · 2 comments
Closed

Does not work #13

BruceZu opened this issue Dec 13, 2019 · 2 comments

Comments

@BruceZu
Copy link

BruceZu commented Dec 13, 2019

According to the https://www.azul.com/press_release/azul-systems-brings-updated-transport-layer-security-to-java-se-8/ "it has created OpenJSSE, an open source implementation of TLS 1.3 for Java SE 8, and has included it in the latest releases of its Zulu Community and Zulu Enterprise products."
... "Zulu builds of OpenJDK 8 now include the OpenJSSE TLS 1.3 JSSE provider, which can be used to enable TLS 1.3 support with no application or code changes. "
...""“Azul is now making it possible for Java deployments to enable TLS 1.3 support in their existing Java 8-based applications without changing a line of code,“"
--- "Free Zulu Community builds of OpenJDK 8 incorporating TLS 1.3 support are available for download at https://www.azul.com/downloads/zulu."

But after I downloaded the latest version of Zulu 1.8.

$ java -version
openjdk version "1.8.0_232"
OpenJDK Runtime Environment (Zulu 8.42.0.23-CA-linux64) (build 1.8.0_232-b18)
OpenJDK 64-Bit Server VM (Zulu 8.42.0.23-CA-linux64) (build 25.232-b18, mixed mode)

I update a little in the example
as

 try {
			String TLS = "TLSv1.3";
			System.setProperty("https.protocols", TLS);

			URL url = new URL("https://172.30.71.159:443");
			new HttpsClient().connect(url);
		} catch (Exception e) {
			System.out.println(e);
		}
	}

And find it does not work
find output is

Connect to https://172.30.71.159:443 using SunJSSE provider
java.lang.IllegalArgumentException: TLSv1.3

My question is does it really work?
and is it really included in Zulu JDK 1.8?
How to use it?

@alexeybakhtin
Copy link
Contributor

Hello Bruce,

By default Zulu uses default SunJSSE provider for all secure connections.
Zulu JDK 1.8 and Zulu JDK 11 have special option to enable OpenJSSE TLS 1.3 JSSE provider : -XX:+UseOpenJSSE
You can find more information about TLS1.3 support in Zulu JDK on the page : https://docs.azul.com/openjsse/Title.htm
It is also accessible from Zulu Release Notes page: https://docs.azul.com/zulu/zulurelnotes/ZuluReleaseNotes/CA_What'sNew.htm

@BruceZu
Copy link
Author

BruceZu commented Dec 13, 2019

Fixed by add one line code

 Security.insertProviderAt(new org.openjsse.net.ssl.OpenJSSE(), 4);

After refer

My case is to support TLSv1.3 only for a part of function, not for the whole application.

@BruceZu BruceZu closed this as completed Dec 13, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants