Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

We announced the upcoming end-of-support for Amazon SDK for Java (v1). We recommend that you migrate to Amazon SDK for Java v2. For dates, additional details, and information on how to migrate, please refer to the linked announcement.

Amazon SDK for Java support for TLS

The following information applies only to Java SSL implementation (the default SSL implementation in the Amazon SDK for Java). If you’re using a different SSL implementation, see your specific SSL implementation to learn how to enforce TLS versions.

How to check the TLS version

Consult your Java virtual machine (JVM) provider's documentation to determine which TLS versions are supported on your platform. For some JVMs, the following code will print which SSL versions are supported.

System.out.println(Arrays.toString(SSLContext.getDefault().getSupportedSSLParameters().getProtocols()));

To see the SSL handshake in action and what version of TLS is used, you can use the system property javax.net.debug.

java app.jar -Djavax.net.debug=ssl

Enforcing a minimum TLS version

The SDK always prefers the latest TLS version supported by the platform and service. If you wish to enforce a specific minimum TLS version, consult your JVM's documentation. For OpenJDK-based JVMs, you can use the system property jdk.tls.client.protocols.

java app.jar -Djdk.tls.client.protocols=PROTOCOLS

Consult your JVM's documentation for the supported values of PROTOCOLS.