Java Security

4b46e1c7-25c8-482d-80a3-70a2eb58f321 wrote:

I've set up a secure connection, and the handshake connects using TLSv1.
Is there a way to have it negotiate TLSv1.2?

I'm using ojdbc7.jar from 12.1.0.2

why are you posting a question about networking in an Oracle database forum?

Oracle DB has NO inherent or builtin network capability & depends 100% upon the underlying OS for any & all network functionality.

Are you explicitly setting the protocol to TLSv2 using one of these methods?

-Dhttps.protocols="TLSv2" 
System.setProperty("https.protocols", "TLSv2");

If you need more help than the above then please mark the thread ANSWERED and repost it in the JDBC forum.

When you repost provide the code you are using that shows how you are connecting.

Also post any info about how the client JVM is being launched and the properties being set:

During handshake client and server agree on maximal common protocol. If you defined protocol as TLSv1.2 but actual communication is using TLSv1.0 probably server does not configured to support TLSv1.2+.

This may be interested -- https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https

rp0428 wrote:

Are you explicitly setting the protocol to TLSv2 using one of these methods?

-Dhttps.protocols="TLSv2" 
System.setProperty("https.protocols", "TLSv2");

If you need more help than the above then please mark the thread ANSWERED and repost it in the JDBC forum.

When you repost provide the code you are using that shows how you are connecting.

Also post any info about how the client JVM is being launched and the properties being set:

Thank you for a helpful response.

I wasn't aware there was a JDBC-specific forum. When I searched the forums for "JDBC", one of the first hits I got was , which was in the "General" forum, so I thought I would start here.

I've set -Dhttps.protocols to "TLSv1.2", but I continue to get "ClientHello, TLSv1" in the logs.

I will repost in the JDBC forum.