OSCON 2019 and SUNNYVALE, Calif. – Azul Systems(Azul), the award-winning leader in Java runtime solutions, today announced that it has created OpenJSSE, an open source implementation of TLS 1.3 for Java SE 8, and has included it in the latest releases of its Zulu Community and Zulu Enterprise products. Source code, example use cases and documentation for this essential security standard are available on GitHub under the OpenJSSE project at https://github.com/OpenJSSE/openjsse.
The TLS 1.3 standard was released in August 2018 and is a successor to TLS 1.2 and previous Secure Sockets Layer (SSL) standards that have been part of Internet-based secure communications for many years. TLS 1.3 support has been included in Java since September 2018 as part of Java SE 11, but support has not been provided in earlier versions of Java.
Today, nearly all production Java applications are based upon the earlier Java SE 8 standard, and many developers continue to prefer to deploy software that can make use of the vast number of libraries, applications, and utilities that only work on Java SE 8. Existing Java SE 8 implementations, however, only support TLS up to version 1.2.
Zulu builds of OpenJDK 8 now include the OpenJSSE TLS 1.3 JSSE provider, which can be used to enable TLS 1.3 support with no application or code changes. The OpenJSSE provider included with Zulu 8 can also be used programmatically to code to TLS 1.3 and RSASSA-PSS capabilities not directly available via the Java SE 8 APIs. A release of Azul’s Zing JVM supporting TLS 1.3 with Java 8 will be made generally available by the end of July.
“Azul is now making it possible for Java deployments to enable TLS 1.3 support in their existing Java 8-based applications without changing a line of code,“ said Scott Sellers, Azul Systems president and CEO. “Azul continues to incorporate new features and capabilities in Java 8, including TLS 1.3 and Java Flight Recorder while at the same time maintaining full compliance (and TCK certification of every build), making our Zulu builds of OpenJDK the most advanced and trusted builds of OpenJDK available.”
For more information about Zing, Zulu Enterprise, OpenJSSE and the importance of TLS 1.3, read the blog post written by Azul Systems Deputy CTO Simon Ritter, entitled “Keeping Network Traffic Safe in JDK 8 with TLS 1.3.”
Details, JavaDocs, and examples of Azul’s open source implementation of TLS 1.3 for Java 8 can be found at https://github.com/OpenJSSE/openjsse. Free Zulu Community builds of OpenJDK 8 incorporating TLS 1.3 support are available for download at https://www.azul.com/downloads/zulu.
About TLS 1.3
TLS 1.3 enables secure communication for client-server applications. It was developed by the Internet Engineering Task Force (IETF), a global standards body who promotes the evolution and smooth operation of the Internet. More information about the IETF and TLS 1.3 can be found at https://www.ietf.org and https://www.ietf.org/blog/tls13/.
About Azul Systems
Twitter: @azulsystems
Azul Systems, the industry’s only company exclusively focused on Java and the Java Virtual Machine (JVM), builds fully supported, certified standards-compliant Java runtime solutions that bring the power of Java to the enterprise, cloud, and embedded/IoT. Zing is a JVM designed for enterprise Java applications and workloads that require any combination of low latency, high transaction rates, large working memory, and/or consistent response times. Zulu is Azul’s certified, freely available open source build of OpenJDK with a variety of flexible support options, available in configurations for the enterprise, cloud, as well as custom and embedded/IoT devices. For additional information, visit https://www.azul.com.
ZuluFX, Zulu Mission Control, Zulu Enterprise, Zulu Embedded, and Zulu Community are trademarks, and Azul Systems, the Azul Systems logo, Zulu, Zing, and ReadyNow are registered trademarks of Azul Systems. Java and OpenJDK are trademarks of Oracle Corporation and/or its affiliated companies in the United States and other countries. All other trademarks are the property of their respective holders.