Menu
We have an application using Mule standalone 3.5 (I know...) and need to force it to use TLS 1.1 or 1.2 for HTTPS.
We have upgraded to the latest Java 8 (8u112). We have modified the mule's tls-default.conf to include the following:
enabledProtocols=SSLv2Hello,
TLSv1.1
TLSv1.2
Our HTTPS GET request results in the exception:
No appropriate protocol (protocol is disabled or cipher suites are inappropriate) (javax.net.ssl.SSLHandshakeException)
Is there anyway to get Mule 3.5's https connector to use TLS 1.1 or 1.2 for HTTPS?
Our application also uses a Salesforce connector <sfdc:...> which works correctly using TLS 1.2 after our Java upgrade and configuration changes.
Note that Mule 3.5 still has a separate connector for HTTPS (not the combined connector for HTTP/HTTPS that was introduced in 3.6).
We are looking to avoid upgrading to a newer version of Mule since we intended to replace our use of Mule in the near future anyway, and our investigations into upgrading do not indicate that it will be easy.
UPDATE:
In addition to using the fix in Ryan Carter's answer, I also had to fix the mistake in the tls-default.conf by escaping the newlines:
enabledProtocols=SSLv2Hello, \
TLSv1.1 \
TLSv1.2
481
You can configure TLS for your app in Anypoint Studio (Studio). For example, to configure TLS in HTTP Listener: Open Studio Center.
Mule 4x is configured by default to use TLSv1. 1 and TLSv1. 2. Configuation for this can be seen in the /conf/tls-default.
Yes the Salesforce connector automatically uses JDK's default TLS version.
But for the https connector you need to add a property to your https connector:
<https:connector name="https">
<spring:property name="sslType" value="TLSv1.2"/>
</https:connector>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
