hato
hato copied to clipboard
Expose TLS protocol version setting when creating SSLContext?
When comparing a reference implementation of an API integration in Java for porting it to Clojure and using hato, there are some settings that cannot be set through the ->SSLContext
function, namely the TLS version (defaults to "TLS"
in hato, I would like to be able to set it to "TLSv1.2"
in this particular case).
Would it be welcome to add an optional key named :protocol
in the hato.client/->SSLContext
function - and specify that is optional key means the version of the TLS-protocol the documentation, defaults to "TLS"
?
Hi, thanks for your interest. I don't mind a PR for this. Please include a test and readme.
For completeness just noting some options:
- You can also adjust it via java opts (
jdk.tls.client.protocols
and related) though that has broader impact. - You can also pass in a manually constructed SslContext, but that is less convenient.
- Trying to set the protocol in the SslContext (via getInstance) seems to also have nuances (e.g. setting it to "TLSv1.2" will not prevent other TLS versions). But if passing in a manually constructed SslContext with the protocol set makes it work for you, then supporting this option should be fine.
I'm still on this, but has been busy with other things. There will be a at least two weeks more until I'm done.