How to switch between TLS 1.0 and SSL 3.0 at Java/JRE level?

java tls protocols

Solution 1:

Disclaimer: from my point of view it is not a good idea to donwgrade the connection protocol to SSLv3 unless you have a device which does not support TLS.

If you really need it you can force the tomcat connector to use the SSLv3 protocol. In the connector XML configuration:

<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector protocol="HTTP/1.1" port="8443" ... sslProtocol="SSLv3"/>

the sslProtocol attribute accepts the SSLContext algorithm names defined in the Java documentation. The default value is TLS.

The HTTP connector documentation is also available here : http://tomcat.apache.org/tomcat-7.0-doc/config/http.html

UPDATE

It seems possible to specify the authorized protocols for SSL and TLS with the java system property https.protocols (see here). You can launch your application with

java -Dhttps.protocols="SSLv3" ... -jar myapp.jar

Related

How do I get a network interface up in rhel 7?
How can I validate a ZFS snapshot image residing on a backup system?
How do I make Ansible actually compile a config file having changed my debconf settings for an application?
Is it better to drop a MySQL database before doing a restore?
Disable authentication for HTTP OPTIONS method (preflight request)
Add cronjob with bash script - No crontab for root [duplicate]
Minimal Postfix master.cf
How to edit Active-Directory Site properties via Powershell?
Install Active Directory PowerShell module on Windows Server 2012
How to recover data from an Exchange 2013 database after a complete Active Directory loss?
What should be the right logs permissions for NGINX on CentOS?
Ansible with SSH keys