Hello, I cannot find a way to force the server to just use TLSv1.2. Currently it says:
Apache Derby Network Server - 10.13.1.1 - (1765088) Enabled Protocols are TLSv1, TLSv1.1, TLSv1.2 even when using -Dhttps.protocols=TLSv1.2 or similar settings found on the internet. Then I saw in the source: SSLContext ctx = SSLContext.getInstance("TLS"); https://github.com/apache/derby/blob/f16c46cbdd5be8dd9bdcee935ec1f68970146478/java/org.apache.derby.commons/org/apache/derby/shared/common/drda/NaiveTrustManager.java#L73 that it seems to ignore command line settings. Is it possible to add such a property or a different workaround to avoid older TLS versions? Regards Peter