[英]Using TLS 1.2 from java 6
We have a legacy web application that runs in a tomcat under java 6, upgrading to 7 or 8 is infeasible as the application needs significant work to allow this and the fixes required are too large to implement in a legacy application.我们有一个在 java 6 下的 tomcat 中运行的遗留 Web 应用程序,升级到 7 或 8 是不可行的,因为应用程序需要大量工作才能实现这一点,并且所需的修复程序太大而无法在遗留应用程序中实现。 We now have a requirement to connect outbound (ie as a client) over TLS 1.2 however java 6 only supports 1.0.我们现在需要通过 TLS 1.2 连接出站(即作为客户端),但是 java 6 仅支持 1.0。 We use Apache as our web-server and OpenSSL for incoming connections and this happily supports TLS 1.2 etc.我们使用 Apache 作为我们的网络服务器和 OpenSSL 用于传入连接,这很高兴支持 TLS 1.2 等。
Has anyone had to address a similar issue, or can you comment on the following potential work arounds:有没有人必须解决类似的问题,或者您能否评论以下潜在的解决方法:
Don't use openssl's s_client for this - it's slow, and intended more for debugging/testing.不要为此使用 openssl 的 s_client - 它很慢,并且更多地用于调试/测试。
Try using stunnel .尝试使用stunnel 。 It's designed for use cases like yours, and you can find plenty of example configs to get you started.它专为像您这样的用例而设计,您可以找到大量示例配置来帮助您入门。 You'd want to make sure to include the sslVersion = TLSv1.2
directive in your configuration to force use of TLS 1.2.您需要确保在配置中包含sslVersion = TLSv1.2
指令以强制使用 TLS 1.2。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.