-
1. Re: HttpURLConnection
ctomc Sep 23, 2015 4:59 PM (in response to tnzeibig)TLSv1.2 was added in JDK7...
-
2. Re: HttpURLConnection
tnzeibig Sep 24, 2015 7:47 AM (in response to ctomc)True. The Apache proxy needs to run on a later version of Java. I'm trying to find a way to have the Apache proxy re-write the 'Connect' to Https tlsv1.2 to avoid a JBoss update. (Jboss 5.1 won't run on JDK7 as I understand)
-
3. Re: HttpURLConnection
tnzeibig Sep 29, 2015 3:28 PM (in response to tnzeibig)So my understanding of this so far;
1. Java creates a connection object, using TLS1.0 because its the only protocol available in Java 1.6
2. Java issues a HttpURLConnection.openConnection(proxy) request thru the proxy - This is a request for a tunnel.
3. Apache opens the CONNECT and creates the tunnel to the requested server. No handshake really.
4. Control is passed back to Java to do the handshakes and data transfer, using the Java TLS 1.0 connection object created earlier.
My only goal was to get the Handshake and protocols to be negotiated by Apache, but unless someone has another idea, I'm starting to think this is not possible - outside of upgrading to Java 7 (which causes other issues)
Thoughts anyone? -
4. Re: HttpURLConnection
tnzeibig Oct 2, 2015 8:28 AM (in response to tnzeibig)Update: Per a suggestion from another forum, I've got this to work.
My thinking on this was backward. Removed all the proxy code out of Java, and put in a dummy URL for java to call;
In apache, on virtual host 8080 added three lines;
SSLProxyEngineOn
ProxyPass /whatever https://actualHost/...
ProxyPassReverse /whatever https://actualHost/...
and it works.