Back to Zing Documentation Home
Using Version 1.3 of Transport Layer Security (TLS) Protocol
Starting with ZVM 20.07.0.0, Zing 8 supports TLS 1.3 by default and follows the application programming interface (API) changes introduced by Maintenance Release 3 to the Java SE 8 specification. See JDK-8248721: Backport TLSv1.3 protocol implementation for more information.
Version 1.3 of the TLS protocol is included in the default (SunJSSE) JSSE provider in Zing 8.
In addition to the default JSSE provider, Zing 8 also includes a non-default Legacy8uJSSE provider. The Legacy8uJSSE provider contains the prior provider implementation (8u252 JSSE without TLS 1.3 support) as a fallback measure, and the non-default OpenJSSE provider previously included in Zing 8 distributions for non-default support for TLS 1.3.
The table below lists three bundled modes for JSSE in Zing 8.
Name | Description | How to Enable |
Default |
The SunJSSE provider includes SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 protocols support. Note: By default, TLS 1.3 is disabled on the client side. You can enable it via the SSLSocket/SSLEngine/SSLParameters/SSLContext API, jdk.tls.client.protocols, or https.protocols properties. |
Enabled by default |
Fallback |
The Legacy8uJSSE provider includes the prior, 8u252 JSSE provider implementation (without TLS 1.3 support). This mode may be useful if any application issues are introduced by the new TLS 1.3 support in the default JSSE provider. |
-XX:+UseLegacy8uJSSE
|
OpenJSSE |
The OpenJSSE provider includes a TLS 1.3 protocol implementation. This mode is introduced in Zing 8 starting with ZVM 19.08.0.0 and may be useful for prior users of the OpenJSSE provider that wish to keep using it in place of the new default SunJSSE provider (even though the new default provider now includes all functionality previously covered by the OpenJSSE provider). For example, applications that chose to use org.openjsse APIs directly may want to keep using the OpenJSSE mode. |
-XX:+UseOpenJSSE
|
Zing 11 supports version 1.3 of the TLS protocol by default.
See Also
- Using the Zing Virtual Machine
- Running a Java Application
- Using ZVM Command-Line Options
- Using ZVM with the Falcon Compiler
- Using ReadyNow!
- Using Compact Strings
- Using Compile Stashing
- Invoking Zing with Native Application
- Reducing Deoptimizations
- Using ZVM Instance Configuration Recommendations
© Azul Systems, Inc. 2020 All rights reserved. |
![]() ![]() ![]() |
|