Java 7 disables TLS 1.1 and 1.2 for clients. From Java Cryptography Architecture Oracle Providers Documentation:
Although SunJSSE in the Java SE 7 release supports TLS 1.1 and TLS 1.2, neither version is enabled by default for client connections. Some servers do not implement forward compatibility correctly and refuse to talk to TLS 1.1 or TLS 1.2 clients. For interoperability, SunJSSE does not enable TLS 1.1 or TLS 1.2 by default for client connections.
I'm interested in enabling the protocols on a system wide setting (perhaps through a config file), and not a per-Java-application solution.
How do I administratively enable TLS 1.1 and 1.2 system wide?
Note: since POODLE, I would like to administratively disable SSLv3 system wide. (The problems with SSLv3 predate POODLE by at least 15 years, but Java/Oracle/Developers did not respect basic best practices, so users like you and me are left with cleaning up the mess).
Here's the Java version:
$ /Library/Java/JavaVirtualMachines/jdk1.7.0_07.jdk/Contents/Home/bin/java -version
java version "1.7.0_07"
Java(TM) SE Runtime Environment (build 1.7.0_07-b10)
Java HotSpot(TM) 64-Bit Server VM (build 23.3-b01, mixed mode)
No comments:
Post a Comment