Affects Version/s: 12.0.0, 12.0.1, 12.0.2
Environment:Oracle jdk1.8.0_51 on tomcat 8.0.24
Steps to reproduce:
1. Configure a OpenDJ datastore to accept only TLSv1.2 connections.
2. Configure OpenAM (as LDAPS client) in JVM to connect to the datastore using TLSv1.2:
3. Using javax.net.debug=SSL, observe in OpenAM container debug that OpenAM will still try to use TLSv1.1 and fail during handshake.
OpenAM does not set SSL/TLS protocol when using DJ SDK's SSLContextBuilder class. I.e. setProtocol() is apparently never called.
This results in DJ SDK calling:
Which prevents a JVM property of
from taking effect.