7

I am using Java 1.6. I have set up my Tomcat as my SSL-enabled server, and I have set up an SSL-enabled client (Java code). When I communicate from my client to the server, in the Java SSL dump in the Tomcat logs I always see TLSv1 picked as the SSL protocol version by both my client and server. Is there a way I can switch between the SSLv3 and TLSv1 protocols for a secure connection? How can I make client-server communication use SSLv3?

Thanks in advance!

Anita

1 Answer

9

Disclaimer: from my point of view it is not a good idea to downgrade the connection protocol to SSLv3 unless you have a device which does not support TLS.

If you really need it, you can force the Tomcat connector to use the SSLv3 protocol. In the connector XML configuration:

<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector protocol="HTTP/1.1" port="8443" ... sslProtocol="SSLv3"/>

The sslProtocol attribute accepts the SSLContext algorithm names defined in the Java documentation. The default value is TLS.

The HTTP connector documentation is also available here: http://tomcat.apache.org/tomcat-7.0-doc/config/http.html

UPDATE

It seems possible to specify the authorized protocols for SSL and TLS with the Java system property https.protocols (see here). You can launch your application with

java -Dhttps.protocols="SSLv3" ... -jar myapp.jar
Jcs
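For the client side of the question, an added example (not part of the original answer) that lists which protocol versions the JVM supports and enables, then pins an explicit list with `setEnabledProtocols`. The class name `ProtocolPin` and the default protocol list are assumptions made for illustration.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

// Added example (hypothetical class name): inspect and pin JSSE protocol versions.
public class ProtocolPin {

    // Keep only the requested protocols this JVM supports, in the requested order.
    static String[] usable(String[] supported, String... wanted) {
        List<String> have = Arrays.asList(supported);
        List<String> out = new ArrayList<String>();
        for (String p : wanted) {
            if (have.contains(p)) out.add(p);
        }
        return out.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        // "TLS" is the SSLContext algorithm name given above as the sslProtocol default.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, null, null); // default key managers, trust managers and RNG
        SSLEngine engine = ctx.createSSLEngine(); // no network connection is made
        engine.setUseClientMode(true);

        System.out.println("supported: " + Arrays.toString(engine.getSupportedProtocols()));
        System.out.println("enabled:   " + Arrays.toString(engine.getEnabledProtocols()));
        // Security property used by newer JDKs to refuse protocols at handshake
        // time regardless of what is enabled here; prints null when it is not set.
        System.out.println("jdk.tls.disabledAlgorithms: "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));

        // Assumed default list; pass protocol names as arguments to test another set.
        String[] wanted = args.length > 0 ? args
                : new String[] {"TLSv1.2", "TLSv1.1", "TLSv1"};
        String[] pinned = usable(engine.getSupportedProtocols(), wanted);
        if (pinned.length == 0) {
            throw new IllegalStateException(
                    "none of " + Arrays.toString(wanted) + " is supported by this JVM");
        }
        engine.setEnabledProtocols(pinned);
        System.out.println("pinned:    " + Arrays.toString(engine.getEnabledProtocols()));
    }
}
```

`SSLSocket` exposes the same `getSupportedProtocols`, `getEnabledProtocols` and `setEnabledProtocols` methods, and after a handshake `getSession().getProtocol()` reports the version that was actually negotiated.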