0

I am trying to enable TLS 1.2 in my web app which uses Tomcat 5.5 and Java 1.7. I am checking the website TLS version on both chrome and IE. Things I have tried:

  • adding -Dhttp.protocols = TLSv1.2 to JAVA_OPTS in setenv.bat. (still shows TLS 1)
  • setting ssLENabledProtocols to TLSV1.2 in the server.conf file. (still shows TLS 1)
  • setting ssLProtocol to TLSV1.2 in server conf file. (website does not open)
  • setting JAVA_HOME to JDK 8 in setenv.bat file. (still shows TLS 1)

Is there anything I could do to enable TLS 1.2?

There is a website hosted using IIS with TLSV1.2 on the same server.

Ramesh Verma
  • 111
  • 1
  • 9
  • You will need to upgrade your JDK to something that supports TLS 1.2, and then you will probably need to upgrade your Tomcat to something that is supported by the JDK you have arrived at. You are eight years out of date with everything here. – user207421 Aug 03 '20 at 10:03
  • @MarquisofLorne What is the minimum JDK and Tomcat version needed for this? – Ramesh Verma Aug 03 '20 at 10:53
  • Sun (Oracle) JDK 7 supports TLSv1.2, I think its update 95 and higher. But when you say it "shows TLS 1", how do you test ? – souser Aug 03 '20 at 23:06
  • @souser I am testing by opening the site in chrome and edge browser. Other sites hosted from IIS on same machine are showing TLS1.2 on these browsers but not the site hosted on Tomcat. – Ramesh Verma Aug 05 '20 at 06:39
  • And you are using https correct ? In your connector for https you need to specify SSLProtocol="TLSv1.2" Reference. https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html – souser Aug 05 '20 at 22:19
  • @souser yes I have tried SSLProtocol="TLSv1.2". – Ramesh Verma Aug 06 '20 at 06:09

0 Answers0