MySQL Forums
Forum List  »  Connector/JDBC and Java

Re: TLSv1.2 support
Posted by: Alexander Soklakov
Date: December 02, 2016 02:50AM

Hi Briag,

There is actually the problem here caused by impossibility to know the SSL library version from the server greeting. Connector/J relies on server version name instead, means if it contains "enterprise", "commercial" or "advanced" then c/J assumes that the server is compiled with OpenSSL and then add TLSv1.2 to allowed protocol list. Otherwise c/J assumes that server is compiled with yaSSL and excludes TLSv1.2 from allowed protocols. Such strange behaviour is caused by unresolved problem with SSL handshake between Java and yaSSL in case TLSv1.2 is used. We're working on that.

The temporary workaround, since you're recompiling server, could be to change the server name to something containing "enterprise", "commercial" or "advanced".

Thanks,
Alex

Options: ReplyQuote


Subject
Written By
Posted
September 15, 2016 02:47AM
Re: TLSv1.2 support
December 02, 2016 02:50AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.