My Oracle Support Banner

Oracle iPlanet Web Server 7.0 Reverse Proxy Wraps CLIENT HELLO message In An SSL2-compatible Format (Doc ID 2054574.1)

Last updated on OCTOBER 24, 2018

Applies to:

Oracle iPlanet Web Server - Version 7.0 and later
Information in this document applies to any platform.

Symptoms

When Web Server 7.0 Reverse Proxy makes a connection to an SSL enabled backend server, the CLIENT HELLO message in the SSL handshake is wrapped into a SSL record that contains the protocol version as SSLv2 although the version field in the CLIENT HELLO message says TLS1.0. Due to this the connection is refused by some backend server that supports only SSLv3 and TLS (e.g by JBoss 6.3.3)


Below is extracted from the snoop captured when the Reverse Proxy makes SSL connection to another server and it shows SSLv2 Record Layer:

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.