From 0a96bf2261f45a16f9cbc9ee77ddcc12d95d0460 Mon Sep 17 00:00:00 2001
From: vharseko <vharseko@3a-systems.ru>
Date: Wed, 19 Jul 2023 19:45:37 +0000
Subject: [PATCH] Restore TLSv1.3 support (#290)

---
 opendj-server-legacy/src/main/java/org/forgerock/opendj/reactive/LDAPConnectionHandler2.java |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/opendj-server-legacy/src/main/java/org/forgerock/opendj/reactive/LDAPConnectionHandler2.java b/opendj-server-legacy/src/main/java/org/forgerock/opendj/reactive/LDAPConnectionHandler2.java
index 7fa1602..1c22aa0 100644
--- a/opendj-server-legacy/src/main/java/org/forgerock/opendj/reactive/LDAPConnectionHandler2.java
+++ b/opendj-server-legacy/src/main/java/org/forgerock/opendj/reactive/LDAPConnectionHandler2.java
@@ -859,10 +859,10 @@
             final Set<String> protocols = config.getSSLProtocol();
             if (!protocols.isEmpty()) {
                 sslEngine.setEnabledProtocols(protocols.toArray(new String[0]));
-            } else { //enforce enable TLSv1.3 to avoid jdk 11 TLSv1.3 problem
+            } else { 
             	String[] enabledProtocols = sslEngine.getEnabledProtocols();
-            	String[] enabledProtocolsNoTLSv13 = ArrayUtils.remove(enabledProtocols, "TLSv1.3");
-            	sslEngine.setEnabledProtocols(enabledProtocolsNoTLSv13);
+//            	String[] enabledProtocolsNoTLSv13 = ArrayUtils.remove(enabledProtocols, "TLSv1.3"); //enforce enable TLSv1.3 to avoid jdk 11 TLSv1.3 problem
+            	sslEngine.setEnabledProtocols(enabledProtocols);
             }
 
             final Set<String> ciphers = config.getSSLCipherSuite();

--
Gitblit v1.10.0