[lyo-dev] TLSv1.2 support

["Jim Amsden" <jamsden@xxxxxxxxxx>]

AT&T has requested OSLC4J support for
TLSv1.2. 

Bug 397668 Remove TLSv1.2 (https://bugs.eclipse.org/bugs/show_bug.cgi?id=397668)
removed TLSv1.2 support from the OSLC4J java client because of some issue
with Java 7. 
--- a/org.eclipse.lyo.client.java/src/main/java/org/eclipse/lyo/client/oslc/OslcClient.java
+++ b/org.eclipse.lyo.client.java/src/main/java/org/eclipse/lyo/client/oslc/OslcClient.java
@@ -67,8 +67,7 @@ public class OslcClient
{
private HttpClientPool clientPool;
private ClientConfig clientConfig;

- /* List of secure socket protocols.
Note: TLSv1.2 is supported from Java 7, SSL_TLS is specific for the IBM
JVMs */
- private static final String SECURE_SOCKET_PROTOCOL
[] = new String[] {"TLSv1.2","TLS","SSL","SSL_TLS"};
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
+ private static final String SECURE_SOCKET_PROTOCOL
[] = new String[] {"TLS","SSL","SSL_TLS"};
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$

As part of my work on updating the java
client dependencies, I put TLSv1.2 back in the SECURE_SOCKET_PROTOCOL array,
and the client builds fine, and all the sample client applications are
now running.

Is this all that is needed for the OSLC4J
client to support TLSv1.2? Does anyone know how TLSv1.2 support could be
specifically tested to make sure it works?

I would like to create a 2.2.0-SNAPSHOT
build of the java client at some point so AT&T can try it to be sure
it meets their needs.




Jim Amsden, Senior Technical Staff Member
OSLC and Linked Lifecycle Data
919-525-6575