Java 8/11 disabled TLS 1.0/1.1 by default.

1 minute read

OpenJDK has backported disabling TLS 1.0 and 1.1 by default.

The relevant OpenJDK tickets can be found: CSR, Enhancement

Some counter points to backporting this were made on the mailing list.

TLS 1.0 and 1.1 are disabled by default starting from version 11.0.11, 8u292 and 7u301. Not all distributions kept the behaviour.

Amazon Corretto

Amazon decided to re-enable TLS 1.0 and 1.1 by default. This can be found in the release notes:

Java 11
Java 8
Java 16 disables TLS 1.0 and 1.1 by default.

Azul Community

Azul decided to keep the default disable.

Java 11
Java 8
Java 7

AdoptOpenJDK

AdoptOpenJDK keeps the default disable.

Enable

To enable TLS 1.0 or 1.1 again you can alter the java.security file and remove TLSv1 or TLSv1.1 from the security property jdk.tls.disabledAlgorithms.

Tim

Java 8/11 disabled TLS 1.0/1.1 by default.

Amazon Corretto

Azul Community

AdoptOpenJDK

Enable

You May Also Enjoy

Spring Security 6.1.2 requestMatchers error.

Raspberry PI pass NTP config with DHCP.

Configure the Spring ThreadPoolTaskExecutor.

How to enable Java SSL revocation checking.