What versions of Java support TLSv1.3 / TLS 1.3?
Java 8 TLS 1.3 Support
If you are on Java 8 (or 1.8 if you prefer) then you need version 8u261 b12 or greater. This version was released on July 14, 2020.
Java 11 TLS 1.3 Support
Java 11 has supported TLS 1.3 since it was first released, however there were some bugs in the early versions. For that reason you should probably shoot for at least version 11.0.8 which is when TLSv1.3 support was added to Java 8.
How can I see if my Java code supports TLSv1.3?
Try connecting to tls13.akamai.io and see what it responds with. Here's some java code to do that:
java.net.URL u = new java.net.URL("https://tls13.akamai.io/");
java.net.HttpURLConnection connection = (java.net.HttpURLConnection)u.openConnection();connection.connect();
Object content = connection.getContent();
connection.disconnect();
Comments
Another host that supports TLS 1.3 for testing purposes is https://tls13.1d.pw/ Here's a TestBox unit test if you wish to test and compare CFHTTP to modern Chrome browser behavior. (I've added akamai as the default TLS 1.3 host.) https://dev.to/gamesover/cfml-unit-tests-for-cfhttp-and-badssl-1lfa
James - thanks that's a nice test, I use those badssl.com hosts for testing as well, but they don't have one for TLS 1.3 yet. One thing about using tls13.akamai.io in a test like this is that it also responds to other protocols, so you'd have to inspect the fileContent to see if it really supports TLSv1.3. I probably should have made that more clear in the blog entry.
Thanks for the update. I removed the akamai host from my unit test as I didn't want to have to additionally inspect the content. https://tls13.1d.pw/ is a TLS1.3-ONLY server which means you can only connect to it using TLS1.3. (Connection failure = the HTTP request didn't use TLS1.3.)