Forum Stats

  • 3,769,241 Users
  • 2,252,938 Discussions
  • 7,874,958 Comments

Discussions

TLSv1.2 with Thin JDBC driver

User_5FQQH
User_5FQQH Member Posts: 6 Red Ribbon
edited Nov 4, 2015 10:15AM in General Database Discussions

I've set up a secure connection, and the handshake connects using TLSv1.

Is there a way to have it negotiate TLSv1.2?

I'm using ojdbc7.jar from 12.1.0.2

Tagged:

Best Answer

Answers

  • Unknown
    edited Nov 3, 2015 7:34PM
    4b46e1c7-25c8-482d-80a3-70a2eb58f321 wrote:
    
    I've set up a secure connection, and the handshake connects using TLSv1.
    Is there a way to have it negotiate TLSv1.2?
    
    I'm using ojdbc7.jar from 12.1.0.2
    

    why are you posting a question about networking in an Oracle database forum?

    Oracle DB has NO inherent or builtin network capability & depends 100% upon the underlying OS for any & all network functionality.

  • Unknown
    edited Nov 3, 2015 8:43PM

    Are you explicitly setting the protocol to TLSv2 using one of these methods?

    <span class="pun">-</span><span class="typ">Dhttps</span><span class="pun">.</span><span class="pln">protocols</span><span class="pun">=</span><span class="str">"TLSv2"</span><span class="pln"> </span>
    <span class="typ">System</span><span class="pun">.</span><span class="pln">setProperty</span><span class="pun">(</span><span class="str">"https.protocols"</span><span class="pun">,</span><span class="pln"> </span><span class="str">"TLSv2"</span><span class="pun">);</span>
    
    

    If you need more help than the above then please mark the thread ANSWERED and repost it in the JDBC forum.

    When you repost provide the code you are using that shows how you are connecting.

    Also post any info about how the client JVM is being launched and the properties being set:

  • Igoroshka
    Igoroshka Member Posts: 1,585 Gold Trophy
    edited Nov 4, 2015 5:12AM

    During handshake client and server agree on maximal common protocol. If you defined protocol as TLSv1.2 but actual communication is using TLSv1.0 probably server does not configured to support TLSv1.2+.

  • Igoroshka
    Igoroshka Member Posts: 1,585 Gold Trophy
    edited Nov 4, 2015 5:17AM
  • User_5FQQH
    User_5FQQH Member Posts: 6 Red Ribbon
    edited Nov 4, 2015 9:26AM
    rp0428 wrote:
    
    Are you explicitly setting the protocol to TLSv2 using one of these methods?
    
    <span class="pun">-</span><span class="typ">Dhttps</span><span class="pun">.</span><span class="pln">protocols</span><span class="pun">=</span><span class="str">"TLSv2"</span><span class="pln"> </span>
    <span class="typ">System</span><span class="pun">.</span><span class="pln">setProperty</span><span class="pun">(</span><span class="str">"https.protocols"</span><span class="pun">,</span><span class="pln"> </span><span class="str">"TLSv2"</span><span class="pun">);</span>
    
    If you need more help than the above then please mark the thread ANSWERED and repost it in the JDBC forum.
    
    When you repost provide the code you are using that shows how you are connecting.
    
    Also post any info about how the client JVM is being launched and the properties being set:
    

    Thank you for a helpful response.

    I wasn't aware there was a JDBC-specific forum. When I searched the forums for "JDBC", one of the first hits I got was , which was in the "General" forum, so I thought I would start here.

    I've set -Dhttps.protocols to "TLSv1.2", but I continue to get "ClientHello, TLSv1" in the logs.

    I will repost in the JDBC forum.

  • Unknown
    edited Nov 4, 2015 10:15AM Accepted Answer

    Thanks for reposting in the correct forum.

    Please mark this thread ANSWERED.

This discussion has been closed.