My Oracle Support Banner

Can TLS Renegotiation be disabled from the Client (Doc ID 2673817.1)

Last updated on AUGUST 29, 2021

Applies to:

Java SE JDK and JRE - Version 8 to 11
Information in this document applies to any platform.

Goal

Is there a way to turn off TLS renegotiation in a client application?  Users do not have control of the server side code, only the client side code.  The client does implement the RFC 5746 Phase 2 fix but there is a desire to explicitly prevent renegotiation in order to be sure that it is not used.  Therefore, is it possible, from the client side, to explicitly disable renegotiation with the server?

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.