Search code examples
javac++java-native-interfacetls1.2

Java 1.8 native System.load calling C++ through JNI yields TLSv1. How can I get TLSv1.2?

I have some simple Java Code:

public class Test1 { 

    static { System.load("D://HelloWorld.dll"); }

    public native String displayHelloWorld(String aaa);

    public static void main (String[] args) {
        Test1 t = new Test1();
        String aaa = "Hello World";
        String output = t.displayHelloWorld(aaa);
        System.out.println(output);
    }
}

And I have some simple C++ code which makes HelloWorld.dll. Source Code Link

After some false starts, the C++ code is working perfectly. However, the C++ code that I am using links to a .dll (which I don't control) and that .dll makes a secure web service call. The question is, how do I control the TLS version of that secure web service call.

If I take the same C++ code, and compile that with a .NET target version of 4.6, in a console application it makes the web service request with TLSv1.2 (according to wireshark). However, if I move that same code into a dynamic DLL (HelloWorld.dll above), then call that .dll from the java above, the web service request is with TLSv1.

WHY? I assume there must be something in the Java JNI which is restricting the TLS to TLSv1, but what? How can I get my JNI to use TLSv1.2.

I have attempted to utilize the following: Java 1.8 Default TLS should be v1.2 (I am using java version "1.8.0_171") Java command line flags: -Dhttps.protocols=”TLSv1.2″ -Djdk.tls.client.protocols=”TLSv1.2″ (these appear to have no affect)

Thanks for any advice.

Similar Question

Solution

  • Update: I am not sure if all steps are necessary, but here is the steps which allowed me to finally get a TLSv1.2 connection to the web service.

    1) The owner of the service I was attempting to connect to modified the web service settings to only allow TLS1.2.

    2) A small modification was added to the library which was connecting to the web service. The following line of code was added before any network communication was attempted:

        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

    Reminder of my situation: Java->C++->Library->WebService

    So there were 2 changes, one in the Library to specifically request Tls12, and one on the WebService to block all other communication styles.

    I think the difference was the line of code added to the library. I would have liked to have solved the problem without any modification to the library, but since the problem is solved now, I am done, and I thank everyone for any time spent on my issues.