I'm using HttpsURLConnection to perform http calls on my android app, some of them to AWS. As AWS removes support of SSLv3 soon, I need to make sure my calls supports TLSv1.2 instead.
Does HttpsURLConnection supports TLSv1.2 by default or should I configure it explicitly to work with it instead of SSLv3?
You can use the NetCipher library to get a modern TLS config when using Android's HttpsURLConnection. NetCipher configures the HttpsURLConnection instance to use the best supported TLS version, as well as the best suite of ciphers for that TLS version. First, add it to your build.gradle:
compile 'info.guardianproject.netcipher:netcipher:1.2'
Or you can download the netcipher-1.2.jar and include it directly in your app. Then instead of calling:
HttpURLConnection connection = (HttpURLConnection) sourceUrl.openConnection();
Call this:
HttpsURLConnection connection = NetCipher.getHttpsURLConnection(sourceUrl);