问题
I am trying to enable TLSv1.3 in jboss 7.0.0 GA as given below
<https-listener name="default-https" enabled-protocols="TLSv1.1,TLSv1.2,TLSv1.3" security-realm="ApplicationRealm" socket-binding="https"/>
I can able to connet via TLSv1.1 and TLSv1.2 but while trying to connect via TLSv1.3 am getting the below error.
Caused by: java.security.NoSuchAlgorithmException: TLSv1.3 SSLContext not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) ~[?:1.8.0_144]
at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156) ~[?:1.8.0_144]
at org.xnio.ssl.JsseSslUtils.createSSLContext(JsseSslUtils.java:90) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
at org.xnio.ssl.JsseSslUtils.createSSLContext(JsseSslUtils.java:67) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
at org.xnio.ssl.JsseXnioSsl.<init>(JsseXnioSsl.java:79) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
at org.xnio.Xnio.getSslProvider(Xnio.java:272) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
at org.jboss.remoting3.remote.RemoteConnectionProvider.connect(RemoteConnectionProvider.java:207) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:326) ~[jboss-client-7.0.0.GA-redhat-2.jar:7.0.0.GA-redhat-2]
... 68 more
回答1:
The TLS 1.3 specification is still in draft and not yet available in Java.
The Java Secure Socket Extension reference guide lists the currently supported protocols.
Update
TLS 1.3 is now supported in Java 11
回答2:
Starting with WildFly 11 (I don't know to which JBoss EAP this was backported) you should be able to use TLS 1.3 through OpenSSL assuming you have OpenSSL 1.1.1 or later.
http://wildfly.org/news/2017/10/06/OpenSSL-Support-In-Wildfly/
来源:https://stackoverflow.com/questions/49429574/enable-tlsv1-3-in-jboss-7-0-0-ga