Will SSLContext.getInstance("TLS") supports TLS v1.1 and TLS v1.2 also?

About

Asked 24/4, 2015 at 7:45 Answered 10/11, 2016 at 17:58

Solved java tomcat ssl openssl poodle-attack

In my java Code i am creating one instance of SSL Context using command

SSLContext ctx = SSLContext.getInstance("TLS");

But in my tomcat server i am setting TLSv1.2 and i am getting handshake error.

How we can support all the TLS protocols using this method like in cpp we have SSLV23 client method which will support all protocols.

Jurisprudence answered 24/4, 2015 at 7:45 Comment(5)

Which version of Java do you use? – Traweek 24/4, 2015 at 8:0

SSLContext ctx = SSLContext.getInstance("TLSv1.2"); suports all protocols :) – Jurisprudence 24/4, 2015 at 9:43

SSLContext ctx = SSLContext.getInstance("TLS"); - it gets worse. On Java 8 and below, you also get SSLv3. A bug report was filed with Oracle, but it was closed as "won't fix" because its by design. Also see Which Cipher Suites to enable for SSL Socket? – Gaffe 24/4, 2015 at 9:58

do you've the bug id? – Aiguille 24/2, 2018 at 0:26

@Jurisprudence SSLContext.getInstance("TLSv1.2") does not necessarily support all protocols - it depends of JVM. In my case the class configured like this cannot connect to an Apache server using TLSv1 being run on IBM JVM 1.7.0 when it can connect being run on Oracle JVM 1.7.0. – Livi 1/5, 2018 at 6:5

To use TLSv1.2 try to use below code:

SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, null);

Cecilycecity answered 10/11, 2016 at 17:58 Comment(2)

May I know how to apply this sslContext into my RestTemplate? I am working in Spring version 3.0.x, keep trying but cant get it. – Purpleness 18/4, 2019 at 2:19

#52836565 – Forthright 9/9, 2022 at 9:11

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags