Enabled TLS 1.2

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Enabled TLS 1.2

Ramona.Cristea
Hello,

We would like for our push server to support only TLS 1.2 connections for security reasons.
The Android documentation for SSLSocket says that TLS 1.1 and TLS 1.2 is supported within android starting API level 16+ (Android 4.1, Jelly Bean). But it is by default disabled but starting with API level 20+ (Android 4.4 for watch, Kitkat Watch and Android 5.0 for phone, Lollipop) they are enabled.

We set the minimum sdk version to API 16, but we would like to know if the Aero Gear library enables TLS 1.2 protocol when doing a connection?
If not, then all connections on smartphones with android versions < 5.0 will fail.
Reply | Threaded
Open this post in threaded view
|

Re: [Aerogear-users] Enabled TLS 1.2

Summers Pittman
Ramona,

Sorry this slipped past our radars.  No we don't currently do anything to enable TLS 1.2 in JellyBean or KitKat Android versions.  

However, we can work together to modify this class https://github.com/aerogear/aerogear-android-pipe/blob/master/aerogear-android-pipe/src/main/java/org/jboss/aerogear/android/pipe/http/HttpRestProvider.java which is the class which configured HTTP for push and release an updated library.  Alternatively, you can use reflection to inject your own HttpProvider into the push registrar.  Push uses this field : https://github.com/aerogear/aerogear-android-push/blob/master/aerogear-android-push/src/main/java/org/jboss/aerogear/android/unifiedpush/fcm/AeroGearFCMPushRegistrar.java#L87 to configure http.

Again, sorry it took so long to reply.  Feel free to follow up with us here or on the #aerogear IRC channel.

Summers

On Fri, Jun 3, 2016 at 4:04 AM, Ramona.Cristea <[hidden email]> wrote:
Hello,

We would like for our push server to support only TLS 1.2 connections for
security reasons.
The Android documentation for SSLSocket says that TLS 1.1 and TLS 1.2 is
supported within android starting API level 16+ (Android 4.1, Jelly Bean).
But it is by default disabled but starting with API level 20+ (Android 4.4
for watch, Kitkat Watch and Android 5.0 for phone, Lollipop) they are
enabled.

We set the minimum sdk version to API 16, but we would like to know if the
Aero Gear library enables TLS 1.2 protocol when doing a connection?
If not, then all connections on smartphones with android versions < 5.0 will
fail.



--
View this message in context: http://aerogear-users.1116366.n5.nabble.com/Enabled-TLS-1-2-tp707.html
Sent from the aerogear-users mailing list archive at Nabble.com.
_______________________________________________
Aerogear-users mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-users


_______________________________________________
Aerogear-users mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-users