How to set TLS version on apache HttpClient
The solution is:
SSLContext sslContext = SSLContexts.custom() .useTLS() .build();SSLConnectionSocketFactory f = new SSLConnectionSocketFactory( sslContext, new String[]{"TLSv1", "TLSv1.1"}, null, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);httpClient = HttpClients.custom() .setSSLSocketFactory(f) .build();
This requires org.apache.httpcomponents.httpclient 4.3.x though.
This is how I got it working on httpClient 4.5 (as per Olive Tree request):
CredentialsProvider credsProvider = new BasicCredentialsProvider();credsProvider.setCredentials( new AuthScope(AuthScope.ANY_HOST, 443), new UsernamePasswordCredentials(this.user, this.password));SSLContext sslContext = SSLContexts.createDefault();SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1", "TLSv1.1"}, null, new NoopHostnameVerifier());CloseableHttpClient httpclient = HttpClients.custom() .setDefaultCredentialsProvider(credsProvider) .setSSLSocketFactory(sslsf) .build();return httpclient;
HttpClient-4.5,Use TLSv1.2 ,You must code like this:
//Set the https use TLSv1.2private static Registry<ConnectionSocketFactory> getRegistry() throws KeyManagementException, NoSuchAlgorithmException { SSLContext sslContext = SSLContexts.custom().build(); SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1.2"}, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier()); return RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslConnectionSocketFactory) .build();}public static void main(String... args) { try { //Set the https use TLSv1.2 PoolingHttpClientConnectionManager clientConnectionManager = new PoolingHttpClientConnectionManager(getRegistry()); clientConnectionManager.setMaxTotal(100); clientConnectionManager.setDefaultMaxPerRoute(20); HttpClient client = HttpClients.custom().setConnectionManager(clientConnectionManager).build(); //Then you can do : client.execute(HttpGet or HttpPost); } catch (KeyManagementException | NoSuchAlgorithmException e) { e.printStackTrace(); }}