Versions Compared

Version Old Version 1 New Version Current
Changes made by

Jason Wides

Marc Amouyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Problem

When running with the SeaLIghts SeaLights Java agent, depending on the proxy and security setting, an SSL connection can be encountered when using java 7 with a version lower that 131.

Cause

This is due to TLS 1.2 not being added by default till java 7 version 131 (See https://www.oracle.com/technetwork/java/javase/7u131-relnotes-3338543.html)

Solution

The best option would be solution is to upgrade java to ajve 7 version 131 or later .
If this is not possible which will automatically support TL1.2, if you are using an older version of Java 7 then you can set the supported list by updating the property https.protocol with the value TLSv1,TLSv1.1,TLSv1.2

Doing so depending on your setup:

Jenkins Maven build step:

Under 'Invoke top-level Maven targets with SeaLights Continuous Testing'->SeaLights...->SeaLights Advanced...->'Additional Arguments' add 'sealightsJvmParams=TLSv1,TLSv1.1,TLSv1.2'

Maven pom.xml

In the configuration section add an entry for 'https.protocol' set to TLSv1,TLSv1.1,TLSv1.2 like the following:

Code Block
<profile>
	<id>sealights</id>
    	<build>
        	<plugins>
            	<plugin>
                	<groupId>io.sealights.on-premise.agents.plugin</groupId>
					...
					<configuration>
						...
						<sealightsJvmParams><https.protocol>TLSv1,TLSv1.1,TLSv1.2</https.protocol></<sealightsJvmParams>
					</configuration>
                    <executions>
					...

Gradle build.gradle

In the sealights section add a parameter called 'https.protocols' set to TLSv1,TLSv1.1,TLSv1.2 like in the following:

Code Block
allprojects { p ->
    if(project.hasProperty('sealights')){
        apply plugin: 'io.sealights.on-premise.agents.plugin.sealights-gradle-plugin'
        sealights {
			...
			sealightsJvmParams=["https.protocols":"TLSv1,TLSv1.1,TLSv1.2"]
	}
}

Command line

Pass the -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 to the JVM:

Code Block
java -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 -jar ...

add the following JVM param: -Dhttps.protocols=TLSv1.2.

Add TLS v1.1 and v1.2 to the client list of default-enabled protocols
TLSv1.2 and TLSv1.1 are now enabled by default on the TLS client end-points.
This is similar behavior to what already happens in JDK 8 releases.

In some cases there may be a cipher suite mismatch between the Java 7 environment and the TLS 1.2 supporting peer.
Additional ciphers can be added using an extra JVM param e.g. "-Dhttps.cipherSuites=TLS_RSA_WITH_AES_128_CBC_SHA256"  (comma separated list if adding multiple ciphers)

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@1422e
sortmodified
showSpacefalse

...

reversetrue
typepage
cqllabel in ( "tests" , "java" , "powermock" , "coverage" ) and type = "page" and space = "SUP"
labelsPowerMock Java Tests Coverage


Page Properties
hiddentrue


Related issues