[jira] [Commented] (QPID-8353) [Broker-J][JMS AMQP 0-x] Add support for TLSv1.3

["ASF GitHub Bot (Jira)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/QPID-8353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16934261#comment-16934261 ] 

ASF GitHub Bot commented on QPID-8353:
--------------------------------------

vavrtom commented on pull request #38: QPID-8353 Added support for TLSv1.3
URL: https://github.com/apache/qpid-broker-j/pull/38
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> [Broker-J][JMS AMQP 0-x] Add support for TLSv1.3
> ------------------------------------------------
>
>                 Key: QPID-8353
>                 URL: https://issues.apache.org/jira/browse/QPID-8353
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Broker-J, JMS AMQP 0-x
>            Reporter: Alex Rudyy
>            Priority: Major
>             Fix For: qpid-java-broker-8.0.0, qpid-java-broker-7.1.4
>
>
> As part of QPID-7056 the functionality for establishing TLS connectivity in Qpid Broker-J and JMS client for AMQP 0-x have been changed to enforce creation of SSLContext with a hard-coded sub-set of TLS protocols (TLSv1.2, TLSv1.1, TLS, TLSv1).  See {{SSLUtil#tryGetSSLContext()}}. As result, both broker and client might not be able to establish TLSv1.3 connections when JDK 11 or above is used unless TLSv1.2, TLSv1.1 are explicitly blacklisted. The code needs to be improved to allow TLSv1.3. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org