问题
I am trying to configure a HTTPS Outbound connector that uses TLS v1.1 or v1.2. Not sure how to achieve that. I am running Mule Studio plugin within STS. Mule runtime is 3.6.2 EE.
I tried putting the tls-default.conf in resources folder, but get exception saying something like "Unsupported Cipher".
I have debug enabled and can see that the Handshake is using TLS V1
How can I make it use TLS v1.1 or v1.2?
回答1:
You need to configure it at the connector level:
<https:connector name="https">
<spring:property name="sslType" value="TLSv1.2" />
</https:connector>
And reference the connector from you http outbound endpoint using connector-ref
回答2:
Already answered in https://forums.mulesoft.com/questions/41012/getting-error-when-hitting-a-rest-api-via-https.html#answer-43960
Below is the answer I posted.
I resolved it in my system.
When it is not working in the Runtime that is attached in the Anypoint studio then follow the below steps.
Navigate to the Anypoint studio installation directory Search for "tls-default.conf" in the folder. This will show you all the files for all the Runtimes that you have installed. there will be a property "enabledProtocols" make sure that it contains the TLSv1 in it as below enabledProtocols=TLSv1,TLSv1.1,TLSv1.2This above should apply to Cloud hub (Most of the times it is already enabled) or on-premise systems.
回答3:
It seems you might be affected by this issue. To check this, you can try using 3.6.4 EE which has the fix. You could also try using the HTTP module instead of the transport which is not affected by the issue.
Keep in mind that Studio had a bug where they launched the runtime without taking the tls-default.conf into account, so you will need to add the file in Studio to verify it there.
Another workaround could be adding the following system property -Dhttps.protocols=TLSv1.1,TLSv1.2. Both this and the tls configuration edit will affect all connections in a runtime.
来源:https://stackoverflow.com/questions/38107124/enable-tls-1v-2-in-mule-https-connector