From 88712127952f39f78d68b36f9c20193571bc66ba Mon Sep 17 00:00:00 2001 From: serge-rider Date: Sat, 24 Apr 2021 13:42:36 +0300 Subject: [PATCH] #934 MongoDB - Atlas connectivity settings Former-commit-id: 8786a8faba196aac9b6d0fbe8a0645950ec1deb4 --- .../dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java index 91085f9e9d..43e2e611bb 100644 --- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java +++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java @@ -43,8 +43,12 @@ public class SSLHandlerTrustStoreImpl extends SSLHandlerImpl { public static final String PROP_SSL_SELF_SIGNED_CERT = "ssl.self-signed-cert"; public static final String PROP_SSL_KEYSTORE = "ssl.keystore"; public static final String PROP_SSL_METHOD = "ssl.method"; + public static final String PROP_SSL_FORCE_TLS12 = "ssl.forceTls12"; public static final String CERT_TYPE = "ssl"; + public static final String TLS_PROTOCOL_VAR_NAME = "jdk.tls.client.protocols"; + public static final String TLS_1_2_VERSION = "TLSv1.2"; + /** * Creates certificates and adds them into trust store */ @@ -115,7 +119,10 @@ public class SSLHandlerTrustStoreImpl extends SSLHandlerImpl { trustManagers = trustManagerFactory.getTrustManagers(); } - SSLContext sslContext = SSLContext.getInstance("SSL"); + final boolean forceTLS12 = sslConfig.getBooleanProperty(PROP_SSL_FORCE_TLS12); + + + SSLContext sslContext = forceTLS12 ? SSLContext.getInstance(TLS_1_2_VERSION) : SSLContext.getInstance("SSL"); sslContext.init(keyManagers, trustManagers, new SecureRandom()); return sslContext; } -- GitLab