[ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1967?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

FUMIN updated HTTPCLIENT-1967:
------------------------------
    Description: 
# Set up a clean Apache Tomcat server, in my case I downloaded 8.5.37.
 # Setup and change the server.xml to setup HTTPS/TLS 1.3 connector, I have 
this section:

    <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
                maxThreads="150" SSLEnabled="true" >
         <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
         <SSLHostConfig ciphers="TLS_AES_256_GCM_SHA384" protocols="TLSv1.3" 
sslProtocol="TLS">
             <Certificate certificateKeystoreFile="conf/.keystore" 
certificateKeystoreType="jks"/>
         </SSLHostConfig>
     </Connector>

3. Connect from Chrome or Firefox, able to verify browser can connect to the 
server with TLSv1.3 cipher suites.

4. Use a test program, such as the attached.  Update the URL to point to the 
TLS1.3 supported server. Run the program, Notice the behavior.

(Note, I am using java 11 for both the server and the client where TLSv1.3 is 
supported)

  was:
# Set up a clean Apache Tomcat server, in my case I downloaded 8.5.37.
 # Setup and change the server.xml to setup HTTPS/TLS 1.3 connector, I have 
this section:

    <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig ciphers="TLS_AES_256_GCM_SHA384" protocols="TLSv1.3" 
sslProtocol="TLS">
            <Certificate certificateKeystoreFile="conf/.keystore" 
certificateKeystoreType="jks"/>
        </SSLHostConfig>
    </Connector>

3. Connect from Chrome or Firefox, able to verify browser can connect to the 
server with TLSv1.3 cipher suites.

4. Use a test program, such as the attached.  Notice the behavior.


> HttpClient does not appears to support TLSv1.3 well
> ---------------------------------------------------
>
>                 Key: HTTPCLIENT-1967
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1967
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient (Windows)
>    Affects Versions: 4.5.3, 4.5.6
>         Environment: Windows
>            Reporter: FUMIN
>            Priority: Major
>         Attachments: TestHttpClient.java
>
>
> # Set up a clean Apache Tomcat server, in my case I downloaded 8.5.37.
>  # Setup and change the server.xml to setup HTTPS/TLS 1.3 connector, I have 
> this section:
>     <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
>                 maxThreads="150" SSLEnabled="true" >
>          <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
>          <SSLHostConfig ciphers="TLS_AES_256_GCM_SHA384" protocols="TLSv1.3" 
> sslProtocol="TLS">
>              <Certificate certificateKeystoreFile="conf/.keystore" 
> certificateKeystoreType="jks"/>
>          </SSLHostConfig>
>      </Connector>
> 3. Connect from Chrome or Firefox, able to verify browser can connect to the 
> server with TLSv1.3 cipher suites.
> 4. Use a test program, such as the attached.  Update the URL to point to the 
> TLS1.3 supported server. Run the program, Notice the behavior.
> (Note, I am using java 11 for both the server and the client where TLSv1.3 is 
> supported)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org

Reply via email to