Running TLS 1.2 on Java 6 with BouncyCastle


BouncyCastle is only a JCE provider (providing cryptographic algorithms) and not a JSSE provider (providing SSL and TLS through SSLSocket, SSLSocketFactory, etc.). By adding BouncyCastle as a security provider you only register BouncyCastle's JCE provider. Some more info here.

Since Apache HttpClient also uses JSSE, you cannot plug in BouncyCastle's TLS implementation either. You could maybe extend Java's JSSE classes leveraging BouncyCastle's TLS implementation, but this will take some effort.

If you want to use BouncyCastle's TLS implementation you can find an example in this thread.

Author by

AbuMariam

Updated on June 05, 2022

Comments

  • AbuMariam
    AbuMariam almost 2 years

    I have an Apache Http Client which needs to connect to a server which requires TLS 1.2, but right now this client is running on jdk 1.6 and an upgrade is not possible at this time. So I opted for Bouncy Castle. I set it up on my Mac as shown in this post.

    Here is my code which uses a SSLContextBuilder...

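    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    import org.apache.http.ssl.SSLContextBuilder;
    import org.apache.http.ssl.TrustStrategy;
    
    // Trust strategy that accepts every certificate chain (no server certificate validation)
    SSLContextBuilder sslContextBuilder = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
      public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
        return true;
      }
    });
    
    // set SSL context builder to use the TLSv1.1 protocol
    sslContextBuilder = sslContextBuilder.useProtocol("TLSv1.1");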
    

    But at the last line here I get this exception...

       Caught: java.security.NoSuchAlgorithmException: TLSv1.1 SSLContext not available
    java.security.NoSuchAlgorithmException: TLSv1.1 SSLContext not available
    at org.apache.http.ssl.SSLContextBuilder.build(SSLContextBuilder.java:271)
    

    Looks like SSLContextBuilder is not seeing my BouncyCastle. Or is my BouncyCastle not supporting TLS 1.1? If I change it to "TLSv1" then it works.

    Or is there a better way to do this (hooking up my Apache HttpClient to BouncyCastle so my Java 6 program can connect to a TLSv1.2 server)?
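The following diagnostic is an added example, not code from the question or the answer. It lists every `SSLContext` service the registered providers expose and checks which protocol names `SSLContext.getInstance` can resolve, which makes the JCE/JSSE distinction from the answer visible on the JVM in use. The class name `SslContextProviderCheck` is an assumption, and the BouncyCastle provider is loaded reflectively so the program also runs without the jar.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;

public class SslContextProviderCheck {

    /** Returns "provider: algorithm" for every SSLContext service registered in this JVM. */
    static List<String> sslContextServices() {
        List<String> found = new ArrayList<String>();
        for (Provider p : Security.getProviders()) {
            for (Provider.Service s : p.getServices()) {
                if ("SSLContext".equals(s.getType())) {
                    found.add(p.getName() + ": " + s.getAlgorithm());
                }
            }
        }
        return found;
    }

    /** True if some registered provider can supply an SSLContext for this protocol name. */
    static boolean isAvailable(String protocol) {
        try {
            SSLContext.getInstance(protocol);
            return true;
        } catch (NoSuchAlgorithmException e) {
            // Same exception type as in the stack trace from the question.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Register the BouncyCastle JCE provider if its jar is on the classpath (optional).
        try {
            Class<?> bc = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
            Security.addProvider((Provider) bc.newInstance());
        } catch (ClassNotFoundException e) {
            System.out.println("BouncyCastle JCE provider not on classpath; checking JDK providers only");
        }
        for (String line : sslContextServices()) {
            System.out.println(line);
        }
        for (String protocol : new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"}) {
            System.out.println(protocol + " available: " + isAvailable(protocol));
        }
    }
}
```

Per the answer, registering the BouncyCastle JCE provider should add no `SSLContext` line to this output, so the set of available protocols stays whatever the JDK's own JSSE provider offers.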