> -----Original Message----- > From: KARR, DAVID > Sent: Friday, February 10, 2017 2:31 PM > To: httpclient-users@hc.apache.org > Subject: How to use TLSv1.2 with httpclient 4.1.2 (httpcore 4.1.3) > > I've been asked to look at some old code using httpclient-4.1.2 and > httpcore-4.1.3, which connects to internal sites using TLSv1.0. We now > need to force it to use TLSv1.2. Several other devs have tried to get > this to work, and they've all given up, for now. I've seen many > StackOverflow postings, and in other places, that talk about the various > ways to resolve this. > > Could someone give me a succinct summary of what I need to do to make > this work? > > If part of the answer means that I'll need to upgrade to a newer version > of httpclient, I'm ok with that, but only if it's really necessary. > Upgrading that may result in other impacts which I'd like to minimize.
Sorry, but I've discovered that my problem is not quite what I thought. We are using a more recent version of httpclient, 4.5.1, but our container is running JDK 1.7. I verified that if I run our test with JDK 1.8, it works fine, but with JDK 1.7, it doesn't attempt to negotiate a TLS 1.2 connection. I've seen some sample code that purports to force the client to try to negotiate a TLS1.2 connection, but I'm going to have to ensure that this will also work when connecting with a TLS1.0 server, and hopefully will also work fine when/if we upgrade the container to JDK 1.8. Before I attempt to implement that, is there a reasonable summary of what would be required for this? --------------------------------------------------------------------- To unsubscribe, e-mail: httpclient-users-unsubscr...@hc.apache.org For additional commands, e-mail: httpclient-users-h...@hc.apache.org
