0

I have a legacy web application that runs on Tomcat7 with Java6 and makes web service calls to multiple external services. One of those service providers has decided to end support for TLS1.

I tried to upgrade the JVM to java7 and java8 and see what happens. Well, in java8 where it is default TLS1.2 the affected service works. However, the other services are affected.

Is there a way of specifying TLS version by service w/o changing the code?

shikarishambu
  • 101
  • 2

1 Answers1

1

One option you could do is setup a nginx reverse proxy with the backend endpoint set as the TLS1.x endpoint. Then set the nginx front-end to support TLS1 (or whatever transport encryption you need).

If you're running it on localhost and have it bound to that interface, there's not really a worry about the lower encryption level (as it's only traveling on the lower encryption level within the host OS)

Brennen Smith
  • 1,742
  • 8
  • 11