You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "FUMIN (JIRA)" <ji...@apache.org> on 2019/01/25 19:07:00 UTC

[jira] [Created] (HTTPCLIENT-1967) HttpClient does not appears to support TLSv1.3 well

FUMIN created HTTPCLIENT-1967:
---------------------------------

             Summary: HttpClient does not appears to support TLSv1.3 well
                 Key: HTTPCLIENT-1967
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1967
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient (Windows)
    Affects Versions: 4.5.6, 4.5.3
         Environment: Windows
            Reporter: FUMIN
         Attachments: TestHttpClient.java

# Set up a clean Apache Tomcat server, in my case I downloaded 8.5.37.
 # Setup and change the server.xml to setup HTTPS/TLS 1.3 connector, I have this section:

    <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig ciphers="TLS_AES_256_GCM_SHA384" protocols="TLSv1.3" sslProtocol="TLS">
            <Certificate certificateKeystoreFile="conf/.keystore" certificateKeystoreType="jks"/>
        </SSLHostConfig>
    </Connector>

3. Connect from Chrome or Firefox, able to verify browser can connect to the server with TLSv1.3 cipher suites.

4. Use a test program, such as the attached.  Notice the behavior.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org