Confluence does not support TLS 1.3 with Java 11.0.7

XMLWordPrintable

    • Type: Bug
    • Resolution: Cannot Reproduce
    • Priority: Low
    • None
    • Affects Version/s: 7.9.0
    • Component/s: Server - Authentication
    • None
    • 2
    • Severity 3 - Minor
    • 0

      Problem

      Confluence is not currently supporting the use of TLS 1.3 due to its Java version

      Environment

      Adopt OpenJDK 11.0.7_10

      Steps to Reproduce

      Add the parameter sslEnabledProtocols="TLSv1.3"

      Expected Results

      Confluence is up and running.
      Confluence is able to handshake with other apps

      Actual Results

      13-Nov-2020 10:30:24.188 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[org.apache.coyote.http11.Http11Nio2Protocol-443]]
	org.apache.catalina.LifecycleException: Protocol handler initialization failed

      Workaround

      Remove the TLS 1.3 parameter from the server.xml and setenv.sh.
      If using Windows as a Service, remove the TLSv1.3 parameter from -Djdk.tls.client.protocols and -Djdk.tls.server.protocols.

      Notes

      If Jira enabled TLS 1.3, the application link between Confluence and Jira will try to handshake with 1.3 and that won't work.
      Please consider removing the parameter on both sides before creating the app link.

            Assignee:
            Unassigned
            Reporter:
            Rodrigo Oliveira (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: