Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Cannot Reproduce
-
3.1.4
-
None
-
None
-
Unknown
Description
Hi,
I'm doing a migration from CXF 2.4.6 to 3.1.4
This code is working perfectly fine in 2.4.6:
SSLContext sslcontext = SSLContext.getInstance("TLSv1"); ... TLSClientParameters tlsClientParameters = new TLSClientParameters(); tlsClientParameters.setSSLSocketFactory(sslcontext.getSocketFactory()); http.setTlsClientParameters(tlsClientParameters);
The ssl protocol version is respected when making the call (i-e TLSv1)
With SSLContext.getInstance("TLSv1.1") the call is made with TLSv1.1
With SSLContext.getInstance("TLSv1.2") the call is made with TLSv1.2
All is fine.
However, in 3.1.4, no matter the provided tls version it will always be TLSv1.2. The provided ssl version in SSLContext.getInstance("TLSv1") is just ignored.
I checked with 3.2.7 and 2.7.18. It is failing as well.
Thank you in advance for checking it.
Regards