jwks-rsa-java icon indicating copy to clipboard operation
jwks-rsa-java copied to clipboard

Published 20 hours ago verified publisher icon auth0

To support higher TLS Version

Open vijayakumaroorappan opened this issue 1 year ago • 2 comments

currently to get the jwk keys from discovery URL(https://login.microsoftonline.com/tenentID/discovery/v2.0/keys). It creates default URLConnection and TLS. How we can create customized TLS connection. My server is disabled TLSv1 and TLSv1.1. class: public class UrlJwkProvider implements JwkProvider { method: private Map<String, Object> getJwks() throws SigningKeyNotFoundException {

URLConnection connection = (URLConnection) url.openConnection();

Something similar like this. HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();

SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, null, new java.security.SecureRandom());

vijayakumaroorappan avatar Apr 18 '23 08:04 vijayakumaroorappan

Hi

how can I add multiple prtocols instead of just one ? this SSLContext.getInstance("TLSv1.2") allows since protocol only. I have a list SSLv3/TLSv1/TLSv1.1/TLSv1.2/TLSv1.3 which I want to be able to use instead of just one. Is that possible ?

shivaniy24 avatar Apr 27 '23 11:04 shivaniy24

Thanks for raising this; I don't believe this is currently possible but this is something we should look into adding.

jimmyjames avatar May 08 '23 13:05 jimmyjames