How can we configure keycloak to support TLS v1.3?
I would say you need Java with TLS 1.3 support first and then it should be running without any special Keycloak configuration.
Thanks for your comment on it.
I am running java with following version:
I have no name!@8f1e7925cb67:/$ java --version
openjdk 11.0.14 2022-01-18 LTS
OpenJDK Runtime Environment (build 11.0.14+9-LTS)
OpenJDK 64-Bit Server VM (build 11.0.14+9-LTS, mixed mode)
Could you suggest how can we check the support or whicj java verson is required for that.
Really appriciate you response.
Thank you
$ cat ShowTlsVersions.java
import javax.net.ssl.SSLContext;
public class ShowTlsVersions {
public static void main(String[] args) {
try {
System.out.println(String.join(" ", SSLContext.getDefault().getSupportedSSLParameters().getProtocols()));
} catch (Exception e) {
System.out.println(e.getMessage());
}
}
}
$ java ShowTlsVersions.java
TLSv1.3 TLSv1.2 TLSv1.1 TLSv1 SSLv3 SSLv2Hello
$ java -version
openjdk version "11.0.14.1" 2022-02-08
OpenJDK Runtime Environment (build 11.0.14.1+1-Ubuntu-0ubuntu1.20.04)
OpenJDK 64-Bit Server VM (build 11.0.14.1+1-Ubuntu-0ubuntu1.20.04, mixed mode, sharing)
Of course if Keycloak is behind loadbalancer, reverse proxy then they should handle TLS.