I am trying to run this JNLP file on Windows 10 to connect to a server (actually, I am connecting to a dedicated server via KVM over IPMI (IPKVM) or whatever it is called, so I can install a new operating system).
I am getting error
The server selected protocol version TLS10 is not accepted by client preferences.
Is there something I need to do in Java client to fix the error?
On
It appears that the latest update of Java 11 has disabled TLS 1.0 and TLS 1.1.
Here is the detailed documentation on how to enable it again: TLS 1.0/1.1 changes in OpenJDK and Amazon Corretto
Apparently, I was caught in this issue because of a JDK update today and had hard time finding it. This can help.
On
Don't update to Java 11. Nowadays TLS 1.0 is outdated. The sites using TLS 1.0 and TLS 1.1 certificates for encryption will be marked as insecure in browsers.
So better to update the Transport Layer Security (TLS) version in SQL Server.
Please follow the pages:
On
Problem: TLS 1.0 is not supported in Java 1.8 and above. To connect to SQL Server 2014 and below servers, you need to send TLS 1.0 connection.
Solution: if you downgrade your project to Java 1.7 version this problem will be solved. The JDBC driver version you are using should be 4.2.
Solution for Java 1.7 SSL connection issue:
You will get an error when you query websites with SSL certificate in Java 1.7 version. To fix this error; Download the site’s .cer certificate. Next (note we are talking about JRE file here), write “keytool” in the carsets file at %path_java_jre\lib\security. Your connection problem will disappear.
On
I had this issue recently, it was because I was trying to connect to an old version of Microsoft SQL Server (2012, ver. 11.00.3156) using the latest versión of the SQL Server JDBC Driver (ver. 12.2.0) with a newer versión JDK (ver. 11.0.15).
It happens because newer versión of JDK by default dissable some old security algorithms like TLSv1.0 (in favor of newer like TLSv1.2/TLSv1.3) which the old SQL Server is requiring as security algorithm.
To solve the issue I changed the JDBC driver to an older version 8.2.2 and I had to pass some java security VM options to the JDK to override some security configs and remove TLSV1.0 from the disabled algorithms
VM options to pass to JDK
-Djdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL
(note that TLSv1.0 and TLSv1.1 are removed from the original JDK list)
Doing that I managed to successfully connect to the old SQL Server 2012. Hope this help you
On
If you are using eclipse first check the path of jre used by eclipse.
For knowing the path of JRE used by eclipse you can follow the below steps.
(project>properties>java build path> libraries).
click on JRE system library>edit>installed JREs
Now it will display the path of JRE currently used by eclipse.
Go to JRE>conf>security and
open java.security file and remove TLSv1 from the property jdk.tls.disabledAlgorithms
On
I know this is a Windows 10 related question, but just in case somebody is looking for an answer. I found this helpful hint here.
For RedHat based JVMs (e.g. Docker image registry.redhat.io/ubi8/openjdk-11-runtime) you have to remove TLSv1 from the property jdk.tls.disabledAlgorithms in:
/etc/crypto-policies/back-ends/java.config
as modifying the java.security file alone, will not solve the issue.
On
On Linux but, Java being cross platform, I believe the main options I used still apply. I had the same errors as OP and an additional one about a self-signed jar. To use the tool to connect and install/manage the OS:
/usr/local/lib/jvm/jre1.8.0_x/), without adding it to $PATH.
I didn't want the outadted version to be used by default for anything./usr/local/lib/jvm/jre1.8.0_x/bin/javaws -viewer, then escaped out of the cache viewer dialogue, to add the servers to the Exception Site List under the Security tab, e.g. https://10.24.12.6/.
This causes Java to show a warning dialogue rather than blocking the load entirely..jnlp.
The environment variable is set inline so it's used only for that one run rather than using a global setting or affecting the entire shell.
In Windows, you probably have to set that environment variable separately, which will affect all subsequent invocations of java, javaws, etc. in that running shell, but the values should be the same.
_JAVA_OPTIONS='-Djdk.tls.client.protocols=TLSv1 -Dhttps.protocols=TLSv1 -Djdk.tls.disabledAlgorithms=None -Djdk.jar.disabledAlgorithms=None' /usr/local/lib/jvm/jre1.8.0_x/bin/javaws my-connection-file.jnlp
Though I'd allowed TLSv1 in the security settings, the client was still refusing to use it, so connections continued to fail.
The protocols directives force the client to use the necessary one.
Note the x in the paths is the actual version number.
The first thing to do: Go to folder
C:\Program Files\Java\jre1.8.0_291\lib\security. In thejava.securityfile, find optionjdk.tls.disabledAlgorithmsand deleteTLSv1.If it still doesn't work, make sure that the line:
exists in file
C:\Users\JavaUser\AppData\LocalLow\Sun\Java\Deployment\deployment.properties.