5 Replies Latest reply on Dec 24, 2016 12:02 AM by hablutzel1

    TLSv1.1/1.2 not working with JDK7

    praneshinjboss

      Hello,

       

      I have JBoss 3 with jdk1.7.0_85 trying soap call to a third party vendor application where they have enabled all TLS1/1.1/1.2 which they are going to shutdown TLSv1.

      I have enabled the following in my run.conf & whenever soap call is made to vendor, they are seeing only TLSv1 not TLSv1.1/1.2.

      JAVA_OPTS="-Djdk.tls.client.protocols=TLSv1.1 -Djdk.tls.client.protocols=TLSv1.2 -Dhttps.protocols=TLSv1.1,TLSv1.2 -Dsoapui.https.protocols=TLSv1.1,TLSv1.2 $JAVA_OPTS"

       

      Then I disabled TLSv1 in java.security file but now I see handshake failure like below.

       

      AxisFault

      faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException

      faultSubcode:

      faultString: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

      faultActor:

      faultNode:

      faultDetail:

      {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

              at sun.security.ssl.Handshaker.activate(Handshaker.java:470)

       

      Any suggestions how to make it work only on TLSv1.1/1.2?

       

      Thanks.