> -----Original Message----- > From: Bhowmik, Bindul [mailto:[email protected]] > Sent: Friday, February 10, 2017 3:12 PM > To: HttpClient User Discussion <[email protected]> > Subject: Re: How to use TLSv1.2 with httpclient 4.1.2 (httpcore 4.1.3) > > On Fri, Feb 10, 2017 at 3:30 PM, KARR, DAVID <[email protected]> wrote: > > I've been asked to look at some old code using httpclient-4.1.2 and > httpcore-4.1.3, which connects to internal sites using TLSv1.0. We now > need to force it to use TLSv1.2. Several other devs have tried to get > this to work, and they've all given up, for now. I've seen many > StackOverflow postings, and in other places, that talk about the various > ways to resolve this. > > > > Could someone give me a succinct summary of what I need to do to make > this work? > > > > If part of the answer means that I'll need to upgrade to a newer > version of httpclient, I'm ok with that, but only if it's really > necessary. Upgrading that may result in other impacts which I'd like to > minimize. > > You might want to look at this thread [1] discussing a similar query. > However, the SSLConnectionSocketFactory [2] used that example was > introduced in client version 4.3 from the class documentation. > > Another option would be to disable TLS v1.0 in the JRE itself [3]. > > - Bindul > > [1] > https://lists.apache.org/thread.html/3e869bd14dea55febc4a8a03bc1d2663e68 > 371c37b69fb581a58d8d7@1436119445@%3Chttpclient-users.hc.apache.org%3E > [2] > http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.5.x > /httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFa > ctory.java > [3] https://www.java.com/en/configure_crypto.html#enableTLSv1_2
The curious thing about the info on this last page is that when I search for JDK 1.7 on the Oracle JDK downloads page, the newest version available is 1.7.0_80, but this page talks about a property being introduced in 1.7.0_95.
