4 Mayıs 2023 Perşembe

Java SSL/TLS Ayarları

https.protocols
Açıklaması şöyle. Yani sadece HttpsURLConnection ayarları içindir
javax.net.ssl.protocol and https.protocols are related but distinct properties in Java.

javax.net.ssl.protocol is a system property that specifies the SSL/TLS protocol version that should be used by default for all SSL/TLS connections initiated by the Java runtime environment. This property can be set to one of the following values: SSLv3, TLSv1, TLSv1.1, or TLSv1.2. The default value is TLSv1.2 starting from Java 8.

On the other hand, https.protocols is a system property that can be used to specify the list of SSL/TLS protocols that should be used by HttpsURLConnection and related classes specifically for HTTPS connections. This property provides more granular control over the SSL/TLS protocols used for HTTPS connections, and allows different protocols to be used for different connections.

In practice, it's recommended to use https.protocols for HTTPS connections to allow fine-grained control of the SSL/TLS protocols, while using javax.net.ssl.protocol for other SSL/TLS connections, such as LDAP over SSL (LDAPS), Java Messaging Service (JMS), or Remote Method Invocation (RMI), that may be initiated by the Java runtime environment.
Örnek
Şöyle yaparız
-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2,TLSv1.3 
jdk.tls.disabledAlgorithms
Açıklaması şöyle. 
Specifies a comma-separated list of cryptographic algorithms that should be disabled during TLS negotiation.
Örnek
Şöyle yaparız. Burada eski bazı algoritmalar kullanılmıyor
-Djdk.tls.disabledAlgorithms=RC4, MD5, SSLv3, DES, SHA1

Hiç yorum yok:

Yorum Gönder