I want to configure JMX communication for TLSv1.2 and TLSv1.3.
I added the java vm argument Dcom.sun.management.jmxremote.ssl.enabled.protocols=TLSv1.2
and checked whether it would work for version greater than and equal to TLSv1.2. Unfortunately it doesn't.
I ran openssl s_client connect command with -tls1_2 and got the certificate chain and the handshake.
But when I ran the same command with -tls1_3 , I got the following
Basically no certificate chain and the handshake.
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 259 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
This doc says that one can provide multiple versions delimited with comma but it isn't working.
How to provide the support for both the versions ? Adding the same argument twice for both versions won't work since it would give precedence to the right-most one.
java version
openjdk 11.0.16 2022-07-19
OpenJDK Runtime Environment (build 11.0.16+8-post-Ubuntu-0ubuntu120.04)
OpenJDK 64-Bit Server VM (build 11.0.16+8-post-Ubuntu-0ubuntu120.04, mixed mode)
