Java 7 oracle does not support TLSv1.2

Question

Java 7 oracle does not support TLSv1.2. I have been trying to run my code and I have tried the following things:

    System.setProperty("deployment.security.TLSv1.1", "false")
    System.setProperty("deployment.security.TLSv1", "false")
    System.setProperty("deployment.security.TLSv1.2", "true")
    System.setProperty("https.protocols", "TLSv1.2")
    System.setProperty("https.cipherSuites", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,AES_256_GCM,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")

and it does not help.

How can I force my Java7 application to use Tlsv1.2. I can run my program using java8 which by default uses TLS1.2 and everything works perfectly.

How can I do it in Java7 from oracle.

I have also tried going into /usr/lib/jvm/java-7-oracle/jre/lib/security and disabled jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1 but it still does not work.

What am I dong wrong?

Btw I get sslhandshakeexception-handshake-failure

EDIT:

Error:

0000: 02 28                                              .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
166  [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection  - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 closed
166  [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection  - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 shut down
main, called close()
main, called closeInternal(true)


[main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager  - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1f2dc289
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
        at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:214)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:160)

Answer 1

I run into the same issue and, since I was making my requests using Apache HTTP Client library, I solved it initializing my HttpClient this way

CloseableHttpClient client = HttpClients.custom()
                                 .setSSLSocketFactory(getSSLContext())
                                 .build();

where the getSSLContext() method is this

private SSLConnectionSocketFactory getSSLContext() throws NoSuchAlgorithmException {
    return new SSLConnectionSocketFactory(
          SSLContext.getDefault(),
          new String[]{"TLSv1.2"},
          null,
          new NoopHostnameVerifier());
}

Answer 2

I will answer my own question incase someone has a similar problem:

I spent 2 days trying everything and finally I figured it out.

In Java-7-oracle its not possible to use TLS1.2. Even configuring it using System Properties or even setting up at SSLContext level did not help me. Their support is very bad. Although in Java-8-oracle, it is possible.

Simply changing my java to java-7-openjdk-amd64 did the trick for me.