``++javax.net.ssl.SSLContext.getInstance++`` returns a SSLContext object that implements the specified secure socket protocol. However, older protocol versions like "SSLv3" have been proven to be insecure.
This rule raises an issue when an ``++SSLContext++`` is created with an insecure protocol version(ie: a protocol different from "TLS", "DTLS", "TLSv1.2", "DTLSv1.2", "TLSv1.3", "DTLSv1.3").
The recommended value is "TLS" or "DTLS" as it will always use the latest version of the protocol. However an issue will be raised if the bytecode was compiled with JDK7 or an even older version of JDK because they are not alias for TLSv1.2 and DTLSv1.2 but for weaker protocols.
Note that calling ``++SSLContext.getInstance(...)++`` with "TLSv1.2" or "DTLSv1.2" doesn't prevent protocol version negotiation. For example, if a client connects with "TLSv1.1" and the server used ``++SSLContext.getInstance("TLSv1.2")++``, the connection will use "TLSv1.1". It is possible to enable only specific protocol versions by calling ``++setEnabledProtocols++`` on ``++SSLSocket++``, ``++SSLServerSocket++`` or ``++SSLEngine++``. However this should be rarely needed as clients usually ask for the most secure protocol supported.
