From 1c1833709beaa1d103cc9e02827347c0c696d263 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Warcha=C5=82?= Date: Thu, 16 Feb 2017 10:35:13 +0100 Subject: [PATCH] Use TLSv2 by default --- .../dockerjava/core/LocalDirectorySSLConfig.java | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/github/dockerjava/core/LocalDirectorySSLConfig.java b/src/main/java/com/github/dockerjava/core/LocalDirectorySSLConfig.java index 961c282de..5e4a7fa57 100644 --- a/src/main/java/com/github/dockerjava/core/LocalDirectorySSLConfig.java +++ b/src/main/java/com/github/dockerjava/core/LocalDirectorySSLConfig.java @@ -45,14 +45,6 @@ public SSLContext getSSLContext() { Security.addProvider(new BouncyCastleProvider()); - // properties acrobatics not needed for java > 1.6 - String httpProtocols = System.getProperty("https.protocols"); - System.setProperty("https.protocols", "TLSv1"); - SslConfigurator sslConfig = SslConfigurator.newInstance(true); - if (httpProtocols != null) { - System.setProperty("https.protocols", httpProtocols); - } - String caPemPath = dockerCertPath + File.separator + "ca.pem"; String keyPemPath = dockerCertPath + File.separator + "key.pem"; String certPemPath = dockerCertPath + File.separator + "cert.pem"; @@ -61,6 +53,8 @@ public SSLContext getSSLContext() { String certpem = new String(Files.readAllBytes(Paths.get(certPemPath))); String capem = new String(Files.readAllBytes(Paths.get(caPemPath))); + SslConfigurator sslConfig = SslConfigurator.newInstance(true); + sslConfig.securityProtocol("TLSv1.2"); sslConfig.keyStore(CertificateUtils.createKeyStore(keypem, certpem)); sslConfig.keyStorePassword("docker"); sslConfig.trustStore(CertificateUtils.createTrustStore(capem));