Enabled TLS 1.2 and TLS 1.1 on Java 7

Happy Friday!

Just drop a line about enabling TLS 1.2 and TLS 1.1 in JRE 7. Java 7 supports TLS1.1 and TLS1.2, but they are not enabled by default. See https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https  There are many posts about dynamically enable them but I was quite frustrated when testing them out. It turns out you would only need a system param


or code as

System.setProperty(“https.protocols”, “TLSv1,TLSv1.1,TLSv1.2”);

Hope it can save you some time!



15 thoughts on “Enabled TLS 1.2 and TLS 1.1 on Java 7

  1. The System.setProperty goes into your Java code, typically at app startup. The -D param would be in your JVM start up script.

    • try to use System.setProperty(“https.protocols”, “TLSv1.1,TLSv1.2”); this should only allow TLS1.1 and TLS 1.2. The others should be disabled.

  2. Hi I have the same issue and I am sure your solution will work. Could you elaborate on how to set the -Dhttps.protocols.where will be the JVM start up script located for me to add this .

    • In eclipse, there is a configuration for each Run application. The jvm system parameter such as -Dxxxx can be directly put in there.

  3. Can also do this at runtime

    try {
    SSLContext ctx = SSLContext.getInstance(“TLSv1.2”);
    ctx.init(null, null, null);

    } catch (Exception e) {

  4. I am facing an issue with Java 1.6. Unable to set the system property. I am using this property System.setProperty(“https.protocols”,”SSLv2Hello,TLSv1,SSLv3″); but still facing an issues like java.io.IOException: Server returned HTTP response code: 400

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s