Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Why is there a mix of TLS 1.3 and 1.2?

meandmycodeMay 2 2022

Hi,
I have tested TLS 1.3 vs a server that supports it. It is a bit confusing since I see both TLS 1.2 and 1.3 write/reads when I have enabled logging using -Djavax.net.debug=all
I have changed my code and use jdk 11 latest (11.0.14).
Here is the code change:

 private static final String[] VERSIONS = new String[] { "TLSv1.2","TLSv1.3"};
  ((SSLSocket) socket).setEnabledProtocols(VERSIONS);

I have attached the log.
Here are my questions:
Why is there a mix of TLS 1.3 and 1.2 READ and WRITE? There are |WRITE: TLSv1.3 handshake, length = 2064 (no READ). READ: TLSv1.2 handshake, length = 122 ( no WRITE). It seems that the 1.3 was negotiated.
When 1.3 is negotiated should not READ and WRITE both be using 1.3?
Is my handshake complete?

I have attached my log too.
pure_tls_1.3.log (131.09 KB)br,

Comments
Post Details
Added on May 2 2022
0 comments
353 views