Mulesoft Anypoint Studio was giving me trouble for a long time to connect to an external HTTP server that supports only TLSv1.2.
Below options did not work for me:
-Dhttps.protocols=TLSv1.2
-Djdk.tls.client.protocols=TLSv1.2
Solution:
I had to create a tls-default.conf file directly under src/main/resources (classpath root folder) and set
enabledProtocols=TLSv1.2
Full Configuration:
# This file allows to restrict SSL behavior in Mule. If the file doesn't exist or a property is not defined, # default values of the current security provider will be used. # Cipher suites that will be enabled in SSL. If this property is set, SSL sockets will # only use cipher suites that are provided in this list and supported by the current security provider. #enabledCipherSuites=TLS_KRB5_WITH_3DES_EDE_CBC_MD5, \ # SSL_DH_anon_WITH_DES_CBC_SHA, \ # TLS_DH_anon_WITH_AES_128_CBC_SHA, \ # TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \ # SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \ # SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, \ # TLS_DHE_RSA_WITH_AES_256_CBC_SHA, \ # TLS_KRB5_WITH_3DES_EDE_CBC_SHA, \ # TLS_KRB5_WITH_DES_CBC_MD5, \ # TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, \ # SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, \ # SSL_DHE_DSS_WITH_DES_CBC_SHA, \ # TLS_KRB5_WITH_DES_CBC_SHA, \ # SSL_RSA_WITH_NULL_MD5, \ # TLS_DHE_DSS_WITH_AES_256_CBC_SHA, \ # SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, \ # TLS_RSA_WITH_AES_128_CBC_SHA, \ # SSL_DHE_RSA_WITH_DES_CBC_SHA, \ # TLS_DH_anon_WITH_AES_256_CBC_SHA, \ # TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, \ # SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, \ # SSL_RSA_WITH_NULL_SHA, \ # TLS_RSA_WITH_AES_256_CBC_SHA, \ # SSL_RSA_WITH_DES_CBC_SHA, \ # TLS_EMPTY_RENEGOTIATION_INFO_SCSV, \ # SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, \ # TLS_DHE_DSS_WITH_AES_128_CBC_SHA, \ # SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, \ # SSL_RSA_WITH_3DES_EDE_CBC_SHA # Protocols that will be enabled in SSL. If this property is set, SSL sockets will only use protocols # that are provided in this list and supported by the current security provider. #enabledProtocols=TLSv1,TLSv1.1,TLSv1.2 enabledProtocols=TLSv1.2