Question:
Enabling SSL v3.0 in java 8
Answer:
Starting with the January 20, 2015 Critical Patch Update releases (JDK 8u31, JDK 7u75, JDK 6u91 and above) the Java Runtime Environment has SSLv3 disabled by default.
It should be noted that SSLv3 is obsolete and should no longer be used.
See: http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html
If you must re-enable SSLv3.0 on either 8u31, 7u75, 6u91 all you have to do is comment out the following line in JRE_HOME/lib/security/java.security:
It should be noted that SSLv3 is obsolete and should no longer be used.
See: http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html
If you must re-enable SSLv3.0 on either 8u31, 7u75, 6u91 all you have to do is comment out the following line in JRE_HOME/lib/security/java.security:
jdk.tls.disabledAlgorithms=SSLv3
Code:
import javax.net.ssl.*; public class SocketProtocols { public static void main(String[] args) throws Exception { SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault(); SSLSocket soc = (SSLSocket) factory.createSocket(); // Returns the names of the protocol versions which are // currently enabled for use on this connection. String[] protocols = soc.getEnabledProtocols(); System.out.println("Enabled protocols:"); for (String s : protocols) { System.out.println(s); } } }
Output:
Before enabling SSL 3.0 $ /jdk1.8.0_31/bin/java SocketProtocols Enabled protocols: TLSv1 TLSv1.1 TLSv1.2 After enabling SSL 3.0 $ /jdk1.8.0_31/bin/java SocketProtocols Enabled protocols: SSLv3 TLSv1 TLSv1.1 TLSv1.2
