Enabled TLS 1.2 and TLS 1.1 on Java 7

Happy Friday!

Just drop a line about enabling TLS 1.2 and TLS 1.1 in JRE 7. Java 7 supports TLS1.1 and TLS1.2, but they are not enabled by default. See https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https  There are many posts about dynamically enable them but I was quite frustrated when testing them out. It turns out you would only need a system param

-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2

or code as

System.setProperty(“https.protocols”, “TLSv1,TLSv1.1,TLSv1.2”);

Hope it can save you some time!

Cheers!

Advertisements

13 thoughts on “Enabled TLS 1.2 and TLS 1.1 on Java 7

  1. The System.setProperty goes into your Java code, typically at app startup. The -D param would be in your JVM start up script.

    • try to use System.setProperty(“https.protocols”, “TLSv1.1,TLSv1.2”); this should only allow TLS1.1 and TLS 1.2. The others should be disabled.

  2. Hi I have the same issue and I am sure your solution will work. Could you elaborate on how to set the -Dhttps.protocols.where will be the JVM start up script located for me to add this .

    • In eclipse, there is a configuration for each Run application. The jvm system parameter such as -Dxxxx can be directly put in there.

  3. Can also do this at runtime

    try {
    SSLContext ctx = SSLContext.getInstance(“TLSv1.2”);
    ctx.init(null, null, null);
    SSLContext.setDefault(ctx);

    } catch (Exception e) {
    System.out.println(e.getMessage());
    }

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s