File tree Expand file tree Collapse file tree
main/java/io/github/jopenlibs/vault
test/java/io/github/jopenlibs/vault Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -578,7 +578,7 @@ private SSLContext buildSslContextFromJks() throws VaultException {
578578 }
579579
580580 try {
581- final SSLContext sslContext = SSLContext .getInstance ("TLSv1.2 " );
581+ final SSLContext sslContext = SSLContext .getInstance ("TLSv1.3 " );
582582 sslContext .init (keyManagers , trustManagers , null );
583583 return sslContext ;
584584 } catch (NoSuchAlgorithmException | KeyManagementException e ) {
@@ -643,7 +643,7 @@ private SSLContext buildSslContextFromPem() throws VaultException {
643643 keyManagers = keyManagerFactory .getKeyManagers ();
644644 }
645645
646- final SSLContext sslContext = SSLContext .getInstance ("TLSv1.2 " );
646+ final SSLContext sslContext = SSLContext .getInstance ("TLSv1.3 " );
647647 sslContext .init (keyManagers , trustManagers , null );
648648 return sslContext ;
649649 } catch (CertificateException | IOException | NoSuchAlgorithmException | KeyStoreException |
Original file line number Diff line number Diff line change @@ -78,7 +78,7 @@ public class Rest {
7878
7979 static {
8080 try {
81- DISABLED_SSL_CONTEXT = SSLContext .getInstance ("TLSv1.2 " );
81+ DISABLED_SSL_CONTEXT = SSLContext .getInstance ("TLSv1.3 " );
8282 DISABLED_SSL_CONTEXT .init (null , new TrustManager []{new X509ExtendedTrustManager () {
8383 @ Override
8484 public void checkClientTrusted (X509Certificate [] chain , String authType ,
Original file line number Diff line number Diff line change 1212import org .eclipse .jetty .server .Server ;
1313import org .junit .Test ;
1414
15+ import java .util .Arrays ;
16+ import javax .net .ssl .SSLContext ;
1517import static org .junit .Assert .assertEquals ;
18+ import static org .junit .Assert .assertTrue ;
1619
1720/**
1821 * Unit tests for the Vault driver, having no dependency on an actual Vault server instance being
@@ -279,4 +282,15 @@ public void testSslJks_loadKeyStoreAndTrustStore() throws Exception {
279282 VaultTestUtils .shutdownMockVault (server );
280283 }
281284
285+ @ Test
286+ public void testSslContextFromPemSupportsTls13 () throws Exception {
287+ final SslConfig sslConfig = new SslConfig ().pemResource ("/cert.pem" ).build ();
288+ final SSLContext sslContext = sslConfig .getSslContext ();
289+ final java .util .List <String > supported = Arrays .asList (
290+ sslContext .getSupportedSSLParameters ().getProtocols ());
291+ assertTrue ("SSLContext from PEM must support TLSv1.3" , supported .contains ("TLSv1.3" ));
292+ assertTrue ("SSLContext from PEM must support TLSv1.2" , supported .contains ("TLSv1.2" ));
293+ }
294+
295+
282296}
You can’t perform that action at this time.
0 commit comments