AWS SDK for Java support for TLS 1.2 - AWS SDK for Java

At Amazon Web Services (AWS), we’re focused on finding ways to improve our products and provide a better customer experience. To do that, we need your feedback. Please take 5 minutes of your time to share insights regarding your experience with Java Spring and your need for Spring integration with AWS.

Click here to take a quick survey

This survey is hosted by an external company (Qualtrics), so the link above does not lead to our website. Please note that AWS will own the data gathered via this survey, and will not share the information/results collected with survey respondents. AWS handles your information as described in the AWS Privacy Notice.

AWS SDK for Java support for TLS 1.2

The following information applies only to Java SSL implementation (the default SSL implementation in the AWS SDK for Java). If you’re using a different SSL implementation, see your specific SSL implementation to learn how to enforce TLS versions.

TLS support in Java

TLS 1.2 is supported starting in Java 7.

How to check the TLS version

To check what TLS version is supported in your Java virtual machine (JVM), you can use the following code.


To see the SSL handshake in action and what version of TLS is used, you can use the system property

java app.jar

How to set the TLS version

AWS SDK for Java 1.x

  • Apache HTTP client: The SDK always prefers TLS 1.2 (if it’s supported in the platform).

AWS SDK for Java 2.x

  • ApacheHttpClient: The SDK always prefers TLS 1.2 (if it’s supported in the platform).

  • UrlHttpConnectionClient: To enforce only TLS 1.2, you can use this Java command.

java app.jar -Djdk.tls.client.protocols=TLSv1.2

Or use this code.

System.setProperty("jdk.tls.client.protocols", "TLSv1.2");
  • NettyNioHttpClient: The SDK dependency for Netty is TLS 1.2 (if it’s supported in the platform).