My Netty application is running as a TCP socket server on JDK 1.8. JDK 1.8 supports TLS 1.0, TLS 1.1 and TLS 1.2.

We want to enforce the communication between the TCP server and client over TLSv1.2 at the server side (no lower protocol needs to be used).

Below is the code snippet:

// Load the server key material from the JKS keystore.
KeyStore ks = KeyStore.getInstance("JKS");
// KeyStore.load takes the password as a char[], not a String.
ks.load(new FileInputStream("JKS location"), "password".toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, "password".toCharArray());
// Build the server-side context and install its handler in the pipeline.
SslContext sslContext = SslContextBuilder.forServer(kmf).build();
pipeline.addLast(sslContext.newHandler(socketChannel.alloc()));

How can we force the Netty server to communicate over the TLS 1.2 protocol only?

Just configure the SSLEngine correctly:

SslHandler handler = sslContext.newHandler(socketChannel.alloc());
handler.engine().setEnabledProtocols(new String[] {"TLSv1.2"});
I am facing the same problem, not sure how to set handler to sslContext back. github.com/netty/netty/issues/10307
– Karthik H
                May 19, 2020 at 4:21
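
Added example (not from the question, the answer or the comment): the protocol restriction can also be set once on the `SslContext` through `SslContextBuilder.protocols(...)`, so every handler created from it inherits the restriction. This assumes a Netty 4.1 release that provides that builder method; the class name `Tls12OnlyServerContext`, the `build` helper and the command-line arguments are hypothetical.

```java
import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.List;

public final class Tls12OnlyServerContext {

    // Protocol names that must never be enabled on the server engine.
    private static final List<String> LEGACY = Arrays.asList("SSLv3", "TLSv1", "TLSv1.1");

    // Builds a server SslContext whose engines are restricted to TLSv1.2.
    static SslContext build(String jksPath, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(jksPath)) {
            ks.load(in, password);
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        return SslContextBuilder.forServer(kmf)
                .protocols("TLSv1.2") // applied to every engine/handler from this context
                .build();
    }

    // Usage: java Tls12OnlyServerContext <keystore.jks> <password>
    public static void main(String[] args) throws Exception {
        SslContext ctx = build(args[0], args[1].toCharArray());

        // Start-up check: inspect a fresh engine before accepting connections.
        SSLEngine engine = ctx.newEngine(ByteBufAllocator.DEFAULT);
        String[] enabled = engine.getEnabledProtocols();
        System.out.println("Enabled protocols: " + Arrays.toString(enabled));
        for (String protocol : enabled) {
            if (LEGACY.contains(protocol)) {
                throw new IllegalStateException("Legacy protocol still enabled: " + protocol);
            }
        }
    }
}
```

The pipeline line from the question stays as it is: `pipeline.addLast(sslContext.newHandler(socketChannel.alloc()))` then yields handlers that only negotiate TLSv1.2.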
        
