On Fri, Feb 10, 2017 at 3:30 PM, KARR, DAVID <dk0...@att.com> wrote: > I've been asked to look at some old code using httpclient-4.1.2 and > httpcore-4.1.3, which connects to internal sites using TLSv1.0. We now need > to force it to use TLSv1.2. Several other devs have tried to get this to > work, and they've all given up, for now. I've seen many StackOverflow > postings, and in other places, that talk about the various ways to resolve > this. > > Could someone give me a succinct summary of what I need to do to make this > work? > > If part of the answer means that I'll need to upgrade to a newer version of > httpclient, I'm ok with that, but only if it's really necessary. Upgrading > that may result in other impacts which I'd like to minimize.
You might want to look at this thread [1] discussing a similar query. However, the SSLConnectionSocketFactory [2] used that example was introduced in client version 4.3 from the class documentation. Another option would be to disable TLS v1.0 in the JRE itself [3]. - Bindul [1] https://lists.apache.org/thread.html/3e869bd14dea55febc4a8a03bc1d2663e68371c37b69fb581a58d8d7@1436119445@%3Chttpclient-users.hc.apache.org%3E [2] http://svn.apache.org/repos/asf/httpcomponents/httpclient/branches/4.5.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java [3] https://www.java.com/en/configure_crypto.html#enableTLSv1_2 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org > For additional commands, e-mail: httpclient-users-h...@hc.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
