It is always possible to face a legacy project and have to modify or update it. Usually, their stack is very old and outdated, like the project I worked on that last week, the database of this project was an old SQL Server, which used the TSL 1.0 protocol for secure communication! I had JDK 8 update 312 installed on my system, and on this version of Java, TSL 1.0 has been disabled for security reasons. The result was that the old Spring Boot project could not communicate with the database and showed the following error:
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "The server selected protocol version TLS10 is not accepted by
client preferences [TLS12]". ClientConnectionId:38242ee7-8809-47a1-b020-2df5e3cc8683
To update one of the project services, I needed to run it on my system, and it wasn't possible to update the database. The next solution was to install an older version of JDK that was compatible with this protocol (!). But there is another way to enable this protocol on existing Java.
For this purpose, I used my old friend, Google, and looked for a solution to activate the TSL 1.0 protocol, which I found at the following address: https://www.qvera.com/kb/index.php/2689/how-to-re-enable-tlsv1-and-tlsv1-1-in-java-8
To enable this protocol, you need to go to the JAVA_HOME of your Java (path where Java is installed and includes the main program folders such as bin, bundle, etc.) and search for java.security file in the this path for editing.
Now look the file content for the jdk.tls.disabledAlgorithms value in the file, this key stores the values of the disabled algorithms, which will be reactivated in Java by deleting the algorithm name. For my project TSL1 should have been removed:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, include jdk.disabled.namedCurves
jjdk.tls.disabledAlgorithms value after modification:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1.1, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, include jdk.disabled.namedCurves
You can now easily use the protocol in question. Note that do not use this method in any way for new versions of applications or new projects, as it involves very critical security risks.