Reputation: 1
Java use SSLContext for HttpsURLConnection
Looking for an example to open HttpsURLConnection with SSLContext and restricted to TLSv1.2. The context is built using trust store and trust key and after I added the custom() call - the TLS setting seem to be changed to just "TLS" vs. "TLSv1.2"
my code is:
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext = SSLContexts.custom()
.loadTrustMaterial(getKeyStore(trustStoreURL, trustStorePassword), new TrustSelfSignedStrategy())
.loadKeyMaterial(getKeyStore(keyStoreUrl, keyStorePassword), keyStorePassword.toCharArray()).build();
So after the custom() I see "TLS" in sslContext properties.
Upvotes: 0
Views: 1111
Answers (1)
Reputation: 24
Why do you want to use only a single version, is there any restriction on your server host ? Most modern servers use TLSv1.2 which is backward compatible to one or two versions. When you use TLSv1.2 while creating socket factory like below,
SSLSocketFactory.getInstance("TLSv1.2")
the default allowed protocols would be SSL, TLS, TLSv1.1, TLSv1.2.
With that being said, to answer your question, You can set your SSLSocket to enable just a few protocols using the setEnabledProtocols method. Please check this doc for more on this. Once done, your SSL connection will allow only the specified protocol.
Upvotes: 0
Related Questions
- HTTPS and HTTP connection in java
- Java HttpsURLConnection and TLS 1.2
- Default request method of HttpsURLConnection
- Using java class HttpsURLConnection
- SSLSocket of HttpsURLConnection
- Configuration of Java HttpsURLConnection
- how to use HttpsUrlConnection in java
- SSLContext protocols
- how to access https sites in java
- Java http connection