You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Ivan Daschinsky (Jira)" <ji...@apache.org> on 2021/09/21 10:48:00 UTC

[jira] [Commented] (IGNITE-15336) TLSv1.3 and Java 11

    [ https://issues.apache.org/jira/browse/IGNITE-15336?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17418034#comment-17418034 ] 

Ivan Daschinsky commented on IGNITE-15336:
------------------------------------------

TLS 1.3 is backported to jdk 1.8 and also doesn't work properly in ignite.

> TLSv1.3 and Java 11
> -------------------
>
>                 Key: IGNITE-15336
>                 URL: https://issues.apache.org/jira/browse/IGNITE-15336
>             Project: Ignite
>          Issue Type: Improvement
>    Affects Versions: 2.10
>            Reporter: Alexey Kukushkin
>            Priority: Major
>
> Enhance Ignite to support TLSv1.3 with Java 11.
> Ignite currently does not support TLSv1.3 with Java 11. This is [documented|https://ignite.apache.org/docs/latest/setup#running-ignite-with-java-11-or-later]: 
> _TLSv1.3, which is available in Java 11, is not supported at the moment. Consider adding {{‑Djdk.tls.client.protocols=TLSv1.2}} if SSL between nodes is used._
> h3. Reproducer
> The problem can be reproduced by trying to connect an Ignite Java thin client to Ignite server over an secure connection.
> Add TLSv1.3 to the list of protocols in {{SSLContext}} and set the {{SSLContext}} in the {{ClientConnectorConfiguration}} on the server and {{ClientConfiguration}} on the client.
> An attempt to {{Ignition.startClient({sslContext: {protocols: ['TLSv1.3']}})}} fails with a {{ClientConnectionException}} saying _Channel is closed_.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)