Task #7131
Bug #7058: cannot successfully connect to SAEON node that only uses TLSv1.2
implement a TLS protocol preference property in auth.properties
100%
Description
Allow the user to configure a preference of TLS protocols to use, via a property called tls.protocol.preferences
in auth.properties.
Certificate manage will iterate over the list until it finds a protocol the runtime supports. This lets us specify the
highest version of TLS we wish without worrying about what a particular runtime supports.
The preference list will allow libclient run under java 6 use TLSv1.0 (the highest it supports), under java7 and 8 use TLSv1.2.
Subtasks
History
#1 Updated by Rob Nahf over 9 years ago
- Status changed from In Progress to Closed
- % Done changed from 30 to 100
#2 Updated by Rob Nahf over 9 years ago
added the tls.protocol.preferences property to CertificateManager to give maximum runtime compatibility and security for TLS connections. Default preferences support java 6,7, & 8 at their highest supported protocol version.