[
https://issues.apache.org/jira/browse/AMQ-9661?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17966260#comment-17966260
]
Jean-Baptiste Onofré commented on AMQ-9661:
-------------------------------------------
It seems to work as expected with
ssl://localhost:61611?socket.enabledProtocols=TLSv1.3
If you don't specify the enabledProtocols, by default, ActiveMQ is using all
TLS versions.
Can you please share some details ?
> ActiveMQ client jar code is sending both TLSv1.2 and TLSv1.3 in the
> ClientHello message, even when TLSv1.3 ssl context is set in SSLContext
> -------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: AMQ-9661
> URL: https://issues.apache.org/jira/browse/AMQ-9661
> Project: ActiveMQ Classic
> Issue Type: Bug
> Components: JMS client
> Environment: * {*}ActiveMQ jars Version{*}: 6.1.5
> * {*}JDK Version{*}: JDK 17
> * {*}Operating System{*}: linux
> Reporter: Sumit Sharma
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 6.2.0, 6.1.7
>
> Attachments: TlsExample.java
>
>
> We are configuring *ActiveMQ client classes* to use *TLSv1.3* explicitly by
> setting the {{org.apache.activemq.broker.SslContext}} as follows:
> SslContext mqSslcontext = new SslContext();
> mqSslcontext .setCurrentSslContext(
> javax.net.ssl.SSLContext.getInstance("TLSv1.3"))
> However, during the {*}SSL handshake{*}, the *ClientHello* message sent by
> ActiveMQ still includes both *TLSv1.2 and TLSv1.3* in the
> {{supported_versions}} extension, instead of restricting it to *TLSv1.3.*
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
