search

mock-server / mockserver

MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and SOCKS Proxying (i.e. dynamic port forwarding).
http://mock-server.com
Apache License 2.0
4.52k stars 1.06k forks source link

mock-server client does not support TLS v1.3 #1837

Open aldex32 opened 5 months ago

aldex32 commented 5 months ago

Describe the issue mock-server client does not support TLS v1.3

What you are trying to do I have mock-server running behind a load balancer which allows only TLS v1.3 and unfortunately mock-server client does not support this TLS version.

javax.net.ssl.SSLHandshakeException: error:1000042e:SSL routines:OPENSSL_internal:TLSV1_ALERT_PROTOCOL_VERSION

I see in the master branch that you have added support for other TLS versions, but it is not released yet. Last release I see is a year ago, are you (@jamesdbloom) planning to release it soon? Is there any other way I can instruct the client to use TLS v1.3?

MockServer version v5.15.0

Thanks in advance!

aukevanleeuwen commented 4 months ago

👊 I could use this as well @jamesdbloom :-) A release would be nice since I don't see another way of overriding it to v1.3. It's rather hard coded.

vkochnev commented 4 months ago

I should say it's much worse in reality because of how it is implemented. If you use mockserver in your tests then none(!) other normal http clients can use TLSv1.3. Setting system property https.protocols affects everything running in the same jvm process. I've spent a noticeable amount of time trying to understand what happens. Please do not touch system properties, configure your own clients and servers directly if you need.