Connection issue between Plunet and GroupShare with latest Java build

Question

Hi Patrick Andrew Hartnett or GroupShare developers, 
 Just wanted to let you know about this recent issue we have found between Plunet and GroupShare. This is the message from our Head of Support: 
 
 &ldquo;The latest Java build jdk-17.0.18+8 from January breaks the connection between Plunet and Groupshare. 
 With this build, Java updated their security algorithms and disables more algorithms than with previous builds. As soon we disable the following, Plunet can connect with Groupshare again: 
 
 This information should also help RWS to troubleshoot the issue.&rdquo; 
 
 We are going to proactively reach out to customers using the GroupShareManager, so that they are informed about this, but it would be useful to have a reply from you. 
 
 Thank you.

Zoltan Balazs · Answer

Hi Nicol Tincani Thanks for raising this issue with us. From the information I could gather with Java 17 certain protocols were disabled (TLSv1 and TLSv1.1). This shouldn't affect GroupShare as we support TLS12. Also, certain cipher and key exchanges were disabled and some key size constraints were put in place with Java 17. This is an industry trend, where RSA key transport is deprecated as vulnerabilities are found. 
 My understanding is that Java 17+ components/applications attempting to connect to GroupShare over HTTPS will fail with a handshake error if the server only offers these disabled cipher suites. The fix is server-side only - where the TLS configuration on the GroupShare server needs to be updated so that you prioritize certain cipher suites and disable the ones not supported by Java 17. This can be done using the IIS Crypto tool.

GroupShare Developers > GroupShare Developers forum

Connection issue between Plunet and GroupShare with latest Java build

Top Replies