Mike, It sounds like the problem could be related to the specific Java vendor and version, or related to Java Security settings.
Java 8 Update 261 [1] and following include TLSv1.3, and Java 11 also includes TLSv1.3 as you noted. However, the java.security configuration can disable specific TLS versions using the jdk.tls.disabledAlgorithms property. It is possible that a custom java.security configuration disabled TLSv1.3, perhaps for compatibility reasons. Checking the java.security configuration for the JDK installation would be a good next step for troubleshooting. Regards, David Handermann [1] https://www.oracle.com/java/technologies/javase/8u261-relnotes.html [2] https://docs.oracle.com/en/java/javase/11/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-0A438179-32A7-4900-A81C-29E3073E1E90 On Tue, Aug 15, 2023 at 8:43 AM Mike Thomsen <[email protected]> wrote: > Roughly copy-pasta: "ERROR o.anifi.security.util.SslContextFactory > Encountered an error creating SSLContext from TLSConfiguration > [TlsConfiguration]keystorePath.....protocol=TLSv1.3): TLSv1.3 SSLContext > not available" > > Can't copy and paste because it's on a client's network. > > On Tue, Aug 15, 2023 at 9:41 AM Phillip Lord <[email protected]> > wrote: > >> Can you add the error here for more context? >> On Aug 15, 2023 at 9:38 AM -0400, Mike Thomsen <[email protected]>, >> wrote: >> >> As the subject line says, we're getting a weird error when trying to >> migrate to RHEL8. We're already on Java 11 on RHEL7, but for some reason >> NiFi is running into problems instantiating a TLSv1.3 SSLContext. >> >> Does anyone have any suggestions on what could be happening here? >> >>
