Enable TLS 1.2 in Java 1.7 or Java 1.6
We have disabled TLS 1.0 and 1.1 encryption protocols across the University's web services. Doing so prevents these protocols from being used to access Warwick websites via an insecure web browser or application. We made this change to keep the University's sites safe and secure.
If your application connects to Single Sign-on (websignon.warwick.ac.uk) or WebGroups (webgroups.warwick.ac.uk) via a server-to-server connection, and your application runs in a JVM on a version of Java prior to 1.8, you need to change your application to support TLS 1.2 for communicating to Single Sign-on and WebGroups.
If your application runs on Java 1.7 or Java 1.6 (update 111 or later), you can set the https.protocols
system property when starting the JVM to enable additional protocols for connections made using the HttpsURLConnection
class – for example, by setting -Dhttps.protocols=TLSv1.2
.
If your application runs on Java 1.6 prior to update 111, or earlier, TLS 1.1 and 1.2 are not supported. Therefore, you need to update the version of Java your application runs on.
If you use another library for connections such as Apache HttpClient, you should consult the documentation to enable TLS 1.2.