We faced this at work a few days ago.
We run a Java standalone application, with embedded JBoss. It runs on Java 7. One of our customers insisted on TLSv1.2 protocol for their server.
Now, the issue with this is Java 8 has TLSv1.2 enabled by default. Java 7 doesn't, it's only got SSLv2 and 3 enabled by default.
Typically, just setting something like "-Ddeployment.security.TLSv1.2=true" to run your application would be sufficient, however our coders actually hardcoded the SSL context so this never worked...
No comments:
Post a Comment