2

I am passing JVM parameter as -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2. But in code ,I am explicitly getting the SSL context object as SSLContext sc = null; sc = SSLContext.getInstance("TLS");.

Will the TLS version be highest version (1.2) in this case, or i need to explicitly get the TLS version as

sc = SSLContext.getInstance("TLSv1.2");

to support TLS version 1.2

Improve this question

1 Answer 1

Reset to default
1

Probably not.

According to the documentation, this setting is only used by HttpsURLConnection and URl#openStream.

https.protocols

Controls the protocol version used by Java clients which obtain https connections through use of the HttpsURLConnection class or via URL.openStream() operations.

If you directly obtain your own SSLContext, the setting is likely not consulted.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

For Java8, there is a new setting that seems more comprehensive: stackoverflow.com/questions/11504173/sslcontext-initialization jdk.tls.client.protocols
Is there a way to capture the outbound traffic like using wireshark etc and determine the TLS version at runtime?
... or a public web service that accepts and dumps HTTPS requests.
On Wireshark TLS version can be seen asTLSv1 or TLSv1.1...depending on the case. You need to configure protocols in wireshark menu and enter the port on which TLS communication has to be captured.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.