2

I am trying to use TLSv1.2 for all communications going out from my Weblogic application server(acting as SSL client) but couldn't use it.

System details: Weblogic 12c IBM JRE7 SR9

Things I have tried:

  1. Enable only TLSv1.2 on weblogic server by setting the property weblogic.security.SSL.minimumProtocolVersion=TLSv1.2, but it didn't work. I have confirmed that by checking the SSL logs on weblogic server. Weblogic starts the SSL handshake with TLSv1 instead of TLSv1.2 in ClientHello message.

    1. By default the TLSv1.1 and TLSv1.2 are disabled on JVM started as client so I started the weblogic server as server by turning on the production mode in weblogic scripts but again didn't work.

    2. I also used -Dhttps.protocols=TLSv1.2 but same result. Weblogic starts SSL with TLSv1 clientHello message.

    3. I tried Weblogic server with Oracle java, everything worked fine by setting the minimum protocol version only.

    4. I enabled the useSunHttpHandler property on weblogic by setting useSunHttpHandler=true and used https.protocols=TLSv1.2, it worked with IBM java as well.

    5. I enabled same property useSunHttpHandler=true and used weblogic minimum protocol version as TLSv1.2(didn't set the https protocols version though) and it didn't work.

Really confused why it's not working.

smallarv
  • 56
  • 1
  • 6
  • To make the question short, what are the configuration required to enable TLSv1.2 on weblogic for outgoing requests if we are not using java.net.* based API for HTTP Connections? – smallarv Oct 14 '16 at 00:53
  • this appears to be a Java config question, not a security question – schroeder Apr 27 '17 at 13:08

1 Answers1

0

Please try disabling Lower protocol in java.security file.

Property Name jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1

Your minimum java version should be 1.7 to use this property.

schroeder
  • 123,438
  • 55
  • 284
  • 319
aziz bagwan
  • 1