With the next release of my devs' software, we're moving from TLSv1 to 1.2. I installed the software in the test environment, and much to my shock, the client servers were unable to communicate with the application server with 1.2 enabled. This is a Java application, created by Java developers, intended to run in Oracle's VM, so hiccups are par for the course.
I retraced all of my upgrade steps, ensuring all of the configuration options were correct and all of the files were where they needed to be with all of the correct permissions. I checked my Java version, and yes, it was the current version. Hold up. I'm running the latest version, but it's over 20 builds behind the recommended build of the JRE.
The Oracle Java website distributes one build per version rev. I did not realize that. My devs coded for a newer build, which is only available to download from Oracle's Support site. Surely a build number, not even a minor release number, wouldn't solve what is most likely a problem I caused during the upgrade.
Yeah, you know already. TLSv1.2 is bugged in early builds of the latest Java 8 JRE. After upgrading to build 32 as was recommended, the servers started talking to each other. SAME VERSION NUMBER, but a build released about a month after initial release fixed the bug.