The following information applies only to Java SSL implementation (the default SSL implementation in the AWS SDK for Java). If you're using a different SSL implementation, see your specific SSL implementation to learn how to enforce TLS versions.
TLS 1.2 is supported starting in Java 7.
To check what TLS version is supported in your Java virtual machine (JVM), you can use the following code.
System*.out.println(*Arrays*.toString(*SSLContext*.getDefault().getSupportedSSLParameters().getProtocols()));To see the SSL handshake in action and what version of TLS is used, you can use the system property javax.net.debug.
java app.jar -Djavax.net.debug=sslAWS SDK for Java 1.x
- Apache HTTP client: The SDK always prefers TLS 1.2 (if it's supported in the platform).
AWS SDK for Java 2.x
- ApacheHttpClient: The SDK always prefers TLS 1.2 (if it's supported in the platform).
- UrlHttpConnectionClient: To enforce only TLS 1.2, you can use this Java command.
java app.jar -Djdk.tls.client.protocols=TLSv1.2Or use this code.
System.setProperty("jdk.tls.client.protocols", "TLSv1.2");- NettyNioHttpClient: The SDK dependency for Netty is TLS 1.2 (if it's supported in the platform).