Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS SDK for Java support for TLS - AWS SDK for Java 1.x

The AWS SDK for Java 1.x has entered maintenance mode as of July 31, 2024, and will reach end-of-support on December 31, 2025. We recommend that you migrate to the AWS SDK for Java 2.x to continue receiving new features, availability improvements, and security updates.

The AWS SDK for Java 1.x has entered maintenance mode as of July 31, 2024, and will reach end-of-support on December 31, 2025. We recommend that you migrate to the AWS SDK for Java 2.x to continue receiving new features, availability improvements, and security updates.

AWS SDK for Java support for TLS

The following information applies only to Java SSL implementation (the default SSL implementation in the AWS SDK for Java). If you’re using a different SSL implementation, see your specific SSL implementation to learn how to enforce TLS versions.

How to check the TLS version

Consult your Java virtual machine (JVM) provider's documentation to determine which TLS versions are supported on your platform. For some JVMs, the following code will print which SSL versions are supported.

System.out.println(Arrays.toString(SSLContext.getDefault().getSupportedSSLParameters().getProtocols()));

To see the SSL handshake in action and what version of TLS is used, you can use the system property javax.net.debug.

java app.jar -Djavax.net.debug=ssl
Note

TLS 1.3 is incompatible with SDK for Java versions 1.9.5 to 1.10.31. For more information, see the following blog post.

https://aws.amazon.com/blogs/developer/tls-1-3-incompatibility-with-aws-sdk-for-java-versions-1-9-5-to-1-10-31/

Enforcing a minimum TLS version

The SDK always prefers the latest TLS version supported by the platform and service. If you wish to enforce a specific minimum TLS version, consult your JVM's documentation. For OpenJDK-based JVMs, you can use the system property jdk.tls.client.protocols.

java app.jar -Djdk.tls.client.protocols=PROTOCOLS

Consult your JVM's documentation for the supported values of PROTOCOLS.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.