Information related to the JAVA JCE may be found at this URL. You will need to acquire the current version of the JCE from Oracle to expand the list of potential cipher strings to include all possibilites. Sixth: The JAVA JRE which is included with the SOAPUI/Ready! API application does not include the "unlimited" version of the JCE JAVA Cryptography Extensions. This option controls which SSL protocols are available when negiating the initial HTTPS connection between the client and the server.įifth: The JVM option directs the SOAPUI/Ready! API application to use the OpenSSL cipher string when sending the request to the server. This design provides us with the ability to create multiple configurations via the use of numerous iterations of these configuration/startup files.įourth: The JVM option provides management of the SSL protocol list. The batch file startup use soapui.bat/ready-api.bat. The Windows start menu startup used the SoapUI-5.1.3.vmoptions/ReadyAPI-1.3.0.vmoptions file. The Windows start menu, command line execution and batch files are all available. Third: SOAPUI/Ready! API application provides us with several methods of starting the application. The cipher suite names may be found on the OpenSSL support site. Second: The SOAPUI/Ready! API application provides support for ciphers based on OpenSSL. The Cipher string is set globally during startup. My first observation is that the SOAPUI/Ready! API application does not provide control of the Cipher string at the request level. NSS included support for TLS v1.1 in 3.I am working directly with SmartBear support on this question and they are providing valuable insight.openssl includes support for TLS v1.1 and TLS v1.2 in OpenSSL 1.0.1.Then you can go and have a look at the release notes for that version and see if it includes TLS support. Which is going to dump out something like OpenSSL/1.0.1k So how to figure out what the openssl (or NSS) library is capable of? 
So I believe the right question to ask here is what is the OpenSSL library capable of.
That should output what TLS version was used to connect.Ĭurl relies on the underlying OpenSSL (or NSS) library to do the negotiation of the secure connection.
There is a method called curl_getinfo(), but info it returns is not useful for me: => That in theory should force curl to use TLSv1.2.īut that's theory - I need to verify that it actually uses TLS - is there any method for that? I changed my code by adding: curl_setopt($objCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) SSL is supported until the end of January. Until now, remote server supported SSL and TLS but because of "poodle" bug, admin decided to disable SSL and use TLS only. In my PHP app I use PHP's CURL and openssl, to connect and talk using SOAP.
0 kommentar(er)
