On Mon, Jan 12, 2015 at 11:10 PM, <deepr...@gmail.com> wrote: > Folks, > > Sorry for the totally newbie question but I've hunted high and low. > > I am supporting some Java code that uses JSS4, NSS to provide SSL Server > side services. > > In response to Poodle I've been looking this code and was able to Enable > TLS explicitly and disable SSL to mitigate that in it's most basic form. > > However I was hoping to be able to add at least TLS 1.1 if not 1.2 support. > Java 8 enabled by default TLS 1.1 and TLS 1.2 on Java's control panel This raised dome problems tieh the protocol negotation with our legacy OAS servers. Seems Oracle didnt honor cypherHonors :P
I cannot find how this is done or if possible. > > I've build the latest NSS code base which seemingly supports these > protocols, and build JSS around it but can't seem to get a TLS 1.1/1.2 > connection. > > The JSS source code also doesn't show any of the SHA256 ciphers etc that > imply TLS 1.2..so I've come the conclusion that I cannot use JSS to execute > TLS 1.1/1.2 server side connections. > Probably im confused but you could try: - disabling everything but TLS1.1/1.2 and see if that works -> protocol are supported but not used or are not supported at all - using -Djdk.tls.client.protocols="TLSv1,..." - create a custom sslFactory and enjoy -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
