We used https with GF-2.1 and Java6 and it worked fine, until we got TLS-1.2 clients. We upgraded to JDK 7, which supports TLSv1.2, and this solved our problem.
However, after an upgrade to GF-3.1.2, this does not work anymore.
I have tried to set https.protocols=TLSv1.2 in JMV properties, but this does not work.
Admin console only has a boolean parameter "Enable TLS" which is quite rough. It would be nice to define protocols like cipher suites, by cherry picking.
We managed to use TLSv1.2 (as a proof of concept) in a small test program inspired from grizzly-embed-samples v1.9.50. Source code sample :
final GrizzlyWebServer ws = new GrizzlyWebServer( port, path, true );
ws.setSSLConfig( getSSLConfig() ); // nothing important in there : only keystore & truststore
// THIS is required (at least the last protocol actually) :
( ( SSLSelectorThread ) ws.getSelectorThread() ).setEnabledProtocols( new String
Tried also to patch class com.sun.enterprise.web.connector.coyote.PECoyoteConnector.configureSSL() in web-glue.jar (by replacing "TLSv1" with "TLSv1, TLSv1.1, TLSv1.2", but this does seem to work either.