How to Force Java Server to Accept Only Tls 1.2 and Reject Tls 1.0 and Tls 1.1 Connections

How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections

I found a solution for this. I set the

jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

in the file jre/lib/security/java.security on the server.

After setting this, server only accepts the TLS1.2 connection and reject lower security protocol versions.

How do I make sure that the client is using (or able to use) TLS v1.2 while visiting some pages of an application?

This is an old question. Here's some information

How do I detect the TLS version of an HttpServletRequest?

Can I detect the SSL version that a browser supports?

https://gist.github.com/SamuelChristie/13a2a29e74c189bcfd9b - Gracefully Deprecating TLS 1.0

Java 1.8.0 enable TLS1.2 in JDBC connection

Older versions of Microsoft's JDBC driver for SQL Server apparently assume that TLS v1.1 will be available on the server. That is, they were not coded to handle the case where the server explicitly rejects (or ignores) TLS v1.1 traffic.

Starting with JDBC driver version 6.3.2 we can add ;sslProtocol=TLSv1.2 to our connection URLs to specify the TLS version to use.

---

Related Topics