My Oracle Support Banner

How to resolve both outbound (TLSv1) and inbound (SSLv3) connections Until SSLv3 is Turned Off Altogether (Doc ID 1990343.1)

Last updated on AUGUST 28, 2020

Applies to:

Oracle WebLogic Server - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Symptoms

The customer reports having Weblogic Server 10.3.6 and is trying to connect to an External Client that only accepts TLSV1.* connection using SSL. They need to be able to support SSLv3 and TLSv1.0 in all WebLogic Domains for a period of time until they turn off SSLv3 all together. If they set the java option -Dweblogic.security.SSL.protocolVersion=ALL, it is failing to negotiate the SSL Handshake when they call an external client.

NOTE: SSL 3.0 introduces poodle vulnerability so it should be turned off completely ASAP. This is a short term solution until SSLv3 is turned off all together. Please see How to Change SSL/TLS Protocols in Oracle Weblogic Server - Disable SSL 2.0/3.0 and Enable TLS 1.x <Note 2162789.1>

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.