Sumit Sharma created AMQ-9661:
---------------------------------
Summary: ActiveMQ client ja code is sending both TLSv1.2 and
TLSv1.3 in the ClientHello message, even when TLSv1.3 is explicitly set using
SSLContext.getInstance("TLSv1.3").
Key: AMQ-9661
URL: https://issues.apache.org/jira/browse/AMQ-9661
Project: ActiveMQ Classic
Issue Type: Bug
Environment: We are configuring *ActiveMQ client classes* to use
*TLSv1.3* explicitly by setting the {{org.apache.activemq.broker.SslContext}}
as follows:
SslContext mqSslcontext = new SslContext();
mqSslcontext .setCurrentSslContext(
javax.net.ssl.SSLContext.getInstance("TLSv1.3"))
However, during the {*}SSL handshake{*}, the *ClientHello* message sent by
ActiveMQ still includes both *TLSv1.2 and TLSv1.3* in the
{{supported_versions}} extension, instead of restricting it to *TLSv1.3.*
* {*}ActiveMQ jars Version{*}: 6.1.5
* {*}JDK Version{*}: JDK 17
* {*}Operating System{*}: linux
Reporter: Sumit Sharma
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
