Java 1.3 and JSSE

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Java 1.3 and JSSE

Elango
Hi All,

I am working with a OS/2 running on Java 1.3 with JSSE. Recently we implemented TLS and few times the the whole application hangs when 1 thread calls createSocket call. The same code works most times

I tried looking for the sources of JSSE in 2002 and could not find one. Any help in troubleshooting this issue will be appreciated.

Thanks,
Elango
Reply | Threaded
Open this post in threaded view
|

Re: Java 1.3 and JSSE

Bradford Wetmore
security-dev is not a support mailing list, it's for the current
development of the JDK.  But may I make a couple suggestions?

JSSE 1.0.3_* was never open sourced, and it along with Sun/Oracle JDK
1.3 haven't been supported in many many years.  I'm not sure where you
got your OS/2 Java distribution, but you could check with them.

Frankly there are so many security issues with these old versions, I
would strongly advise against using it.  This would be an excellent time
to update to something more modern.

My standard advice is to turn on JSSE debugging (-Djavax.net.debug=all)
and/or capturing packets from a network packet sniffer to get a better
idea where things might be dying, but you're pretty much on your own.

Good luck,

Brad


On 2/25/2016 9:44 PM, Elango wrote:

> Hi All,
>
> I am working with a OS/2 running on Java 1.3 with JSSE. Recently we
> implemented TLS and few times the the whole application hangs when 1
> thread calls createSocket call. The same code works most times
>
> I tried looking for the sources of JSSE in 2002 and could not find one.
> Any help in troubleshooting this issue will be appreciated.
>
> Thanks,
> Elango
Reply | Threaded
Open this post in threaded view
|

Howto extend JDK9 TLS-CipherSuites

Thomas Lußnig-3
Hi,

with JDK 8 it was Possible to extend the List of Available CipherSuites
by modify the sun.security.ssl.CipherSuite.
With JDK9 and the module system this is not any more possible with an
bootclasspath, is there any other way
to do it? Disable module check or something ?


Gruß Thomas Lußnig