[
https://issues.apache.org/jira/browse/HTTPCLIENT-1692?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mohammed Aijaz Yousuf updated HTTPCLIENT-1692:
----------------------------------------------
Attachment: litle-sdk-for-java-9.3.1.zip
Extract the zip and import the classes into your workspace. This is a Open
source SDK.
> Apache HttpClient overrides the protocols supplied by JVM and instead
> defaults it to TLSv1.0
> --------------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1692
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1692
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient
> Affects Versions: 4.5
> Environment: Windows and Linux
> Reporter: Mohammed Aijaz Yousuf
> Attachments: litle-sdk-for-java-9.3.1.zip
>
>
> Issue : We have a SDK provided by our Payment gateway and we use this SDK to
> invoke the Payment webservices. This SDK uses Apache HttpCLient /Post methods
> to make webservice calls and Payment gateway requires the communication to go
> through TLS1.2 handshake. We invoke these payment services using 2 ways :
> 1. Using IBM Websphere Application server.
> 2. Using IBM Agent Server (Batch job which runs on a JVM process and uses
> Queue to process and listen to messages)
> a. For IBM websphere, we were able to make the TLS1.2 protocol work by
> changing the "Quality Of Protection" SSL settings but we cannot make it work
> on IBM Agent server.
> b. We tried passing the protocols explicitly by giving
> "https.protocols=TLSv1.2" as system arguments when starting the server but it
> seems the Apache HttpsClient is overriding the protocol and setting it to JVM
> default protocol which is TLSv1.0. Due to this default protocol, all our
> communications with Payment gateway are failing. We are using
> apache-httpcomponents-httpclient.jar.
> c. We tried using the httpClient4.5.x but even then the same behavior is
> seen.Another issue we faced when we use higher versions of httpclient was
> whenever we try deploying the Httpclient 4.5.x.jar on websphere, Websphere is
> throwing Class conflict error as IBM websphere has a
> com.ibm.ws.prereq.jaxrs.jar plugin which internally supports only apache
> 4.1.x. We tried changing the websphere class loader policy to read the Parent
> class last but it starts effecting other functionalities.
> d. We would basically need to know how we can enforce the httpclient to
> accept the JVM protocols set in system property "https.protocols=TLSv1.2"
> instead of overriding the protocol to TLSv1.0.
> e. We are using IBM JDK 1.6 SR5 and IBM Websphere 8.5.5
> Secondly we are not using JSSE socketfactory but are using Websphere SSL
> socket factory with com.ibm.ws.security.crypto.jar:
> # WebSphere socket factories (in cryptosf.jar)
> ssl.SocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLSocketFactory
> ssl.ServerSocketFactory.provider=com.ibm.websphere.ssl.protocol.SSLServerSocketFactory
> f. Its an Open source SDK provided by Vantiv and it can be used by anyone at
> https://github.com/LitleCo/litle-sdk-for-java
> Below is the URL:
> https://www.testlitle.com/sandbox/communicator/online
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
