
Following this older question: Does Tomcat support TLS v1.2?, I would like to update it to know whether TLS 1.3 is supported in recent versions of Tomcat.

I didn't find explicit information in Tomcat 9.0 documentation: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html

As far as I know, Java 11 seems to include TLS 1.3 support (release notes).

Notes

Guillaume Husta
  • Same answer. The TLS version is supported by Java, not by Tomcat. – user207421 Aug 30 '19 at 09:44
  • It seems to be more subtle than that, as it is possible to use APR/Tomcat Native instead of JSSE. – Guillaume Husta Aug 30 '19 at 10:19
  • So I don't think this is _strictly the same_ answer... – Guillaume Husta Aug 30 '19 at 10:21
  • It is strictly the same answer for the reason I gave above, which also appears several times in the duplicate. And please when we get to TLS 1.4 don't ask the same question yet again. – user207421 Aug 30 '19 at 11:08
  • Thanks for this constructive answer – Guillaume Husta Aug 30 '19 at 11:29
  • Tomcat supports whatever protocols its underlying environment supports. So if you are using Java 11, you can use TLSv1.3 through JSSE with the Java built-in crypto provider. If you are using OpenSSL through either the APR connector or through the OpenSSL-JSSE provider, then you can use whatever protocols OpenSSL supports, regardless of Java version. – Christopher Schultz Sep 04 '19 at 16:13
  • I've updated the Tomcat 9 documentation to include roughly what I said above. – Christopher Schultz Sep 04 '19 at 16:27
  • Thanks, it should be useful. I was able to find mentions of the protocols though at this page, including TLS 1.3: https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support – Guillaume Husta Sep 05 '19 at 07:17
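
As an added example (not part of the original thread and not Tomcat's own code), the following Java program reports which TLS protocols the JSSE provider of the running JVM supports, which is the set a JSSE-based Tomcat connector can offer. The class name `JsseTlsProbe` is hypothetical, and the check says nothing about the OpenSSL/APR path, where the protocol set comes from the linked OpenSSL build instead.

```java
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

// Added example (hypothetical class name): probes the JVM's built-in JSSE provider.
public class JsseTlsProbe {

    static final String TLS13 = "TLSv1.3";

    // True if the JVM has an SSLContext implementation for the given protocol name.
    static boolean canCreate(String protocol) {
        try {
            SSLContext.getInstance(protocol);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("Java version: " + System.getProperty("java.version"));

        SSLContext ctx = SSLContext.getDefault();
        System.out.println("JSSE provider: " + ctx.getProvider().getName());

        // Everything the provider can negotiate if explicitly enabled.
        SSLParameters supported = ctx.getSupportedSSLParameters();
        List<String> protocols = Arrays.asList(supported.getProtocols());
        System.out.println("Supported protocols: " + protocols);

        // Server-mode engine: what a listener gets when nothing is configured.
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);
        System.out.println("Enabled by default (server): "
                + Arrays.toString(engine.getEnabledProtocols()));

        // TLS 1.3 uses its own suite names (TLS_AES_*, TLS_CHACHA20_*).
        List<String> tls13Suites = Arrays.stream(supported.getCipherSuites())
                .filter(s -> s.startsWith("TLS_AES_") || s.startsWith("TLS_CHACHA20_"))
                .collect(Collectors.toList());
        System.out.println("TLS 1.3 cipher suites: " + tls13Suites);

        boolean ok = protocols.contains(TLS13) && canCreate(TLS13) && !tls13Suites.isEmpty();
        System.out.println(ok ? "TLSv1.3 is available through JSSE"
                              : "TLSv1.3 is NOT available through JSSE on this JVM");
        System.exit(ok ? 0 : 1);
    }
}
```

Run it with the same JVM that starts Tomcat; a non-zero exit code means a JSSE connector on that JVM cannot negotiate TLS 1.3.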
