TLSv1.2 configuration in jboss-eap-6.4

Latest response

We are hosting soap based web service application on JBoss-eap-6.4 server under jdk 1.7.0_79.

Requirement is to restrict all the lower ssl/tls version support on https connector and to allow only TLSv1.2 .

what we have done so far are as below mentioned-

--------jboss change-----------------

---------------jdk change------------
File: /local/apps/java_server/java/jdk1.7.0_79/jre/lib/security

Change: jdk.tls.disabledAlgorithms=SSLv3,SSL,TLSv1, TLSv1.1, RC4, MD5withRSA, DH keySize < 1024, EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC

But still one of my client is passing SSL in the request and that is being served.


I am also setting'-Djdk.tls.client.protocols=TLSv1.2' parameter in standalone.conf but still SSL request is being served .

is there backward compatibility in TLSv1.2 to support SSL/SSlv2/SSlv3 or i am missing some important things here .