Hello,
We run a legacy application that uses Java 6. Recently, our partners notified us that they are going to drop support of TLS versions older than TLS 1.1.
For us that means that after the upgrade our outbound HTTPS connections to thse partners will stop working.
The application is big and upgrade to newer version of JDK is something that we cannot afford now.
We tried to use the latest non-public release of Java 6 that we downloaded from restricted section of Oracle site, incorporates jdk-6u113, but it does not use TLS 1.1. by default,
so an attempt to connect to remove endpoint with no TLS 1 supportresults is handshake exception.
Please can someone let us know how we should enable TLS1.1 by means of changing the configuration ?
I already tried a couple different options:
- By adding a property deployment.security.TLSv1.1=true to deployment.properties in .java folder for the user who runs java, and
- By including -Ddeployment.security.TLSv1.1=true system property to the java command line.
Neither option seems to work; it appears that deployment.security.TLSv1.1 is only used by never version of Java.
Also need to say that the application in question is quite big, and making change in the code in order to enable TLS 1.1 is something we would like to avoid.
--
Kind Regards, Mike