Due to an internal security scan, we've been asked to update our internal LDAP servers to only support TLSv1.1 and greater.
Unfortunately, during testing I've noticed this breaks OpenFire as it binds to LDAP for authentication using TLS1.0. We are using Java 8 which supports TLSv1.1 and up, but I cannot find a way to get Open Fire to only use TLSv1.1 or greater.
Browsing the code I saw:
SSLContext.getInstance("TLS")
which I tried changing to:
SSLContext.getInstance("TLSv1.2")
and recompiling but that didn't do it - obviously I am missing a setting to flip this on. Anyone else have this issue or know what else needs to be changed ?