Enable TLSv1.3 in jboss 7.0.0 GA

Question

I am trying to enable TLSv1.3 in jboss 7.0.0 GA as given below

<https-listener name="default-https" enabled-protocols="TLSv1.1,TLSv1.2,TLSv1.3" security-realm="ApplicationRealm" socket-binding="https"/>

I can able to connet via TLSv1.1 and TLSv1.2 but while trying to connect via TLSv1.3 am getting the below error.

Caused by: java.security.NoSuchAlgorithmException: TLSv1.3 SSLContext not available
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) ~[?:1.8.0_144]
    at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156) ~[?:1.8.0_144]
    at org.xnio.ssl.JsseSslUtils.createSSLContext(JsseSslUtils.java:90) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    at org.xnio.ssl.JsseSslUtils.createSSLContext(JsseSslUtils.java:67) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    at org.xnio.ssl.JsseXnioSsl.<init>(JsseXnioSsl.java:79) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    at org.xnio.Xnio.getSslProvider(Xnio.java:272) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    at org.jboss.remoting3.remote.RemoteConnectionProvider.connect(RemoteConnectionProvider.java:207) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:326) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
    ... 68 more

Answer 1

Starting with WildFly 11 (I don't know to which JBoss EAP this was backported) you should be able to use TLS 1.3 through OpenSSL assuming you have OpenSSL 1.1.1 or later.

http://wildfly.org/news/2017/10/06/OpenSSL-Support-In-Wildfly/

Answer 2

The TLS 1.3 specification is still in draft and not yet available in Java.

The Java Secure Socket Extension reference guide lists the currently supported protocols.

Update

TLS 1.3 is now supported in Java 11