Renegotiation of TLS V1 Does not Happen When Using IBM JDK with WebLogic Servers
Last updated on DECEMBER 11, 2017
Applies to:Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.
On Weblogic 10.3.6 version, using IBM JDK 1.7.0, renegotiation of TLS V1 is not taking place.
Weblogic is configured to use SSL TLS v1 with two external web services; one requires TLS V1 and the other requires TLS 1.2.
The following SSL parameters have been set for the managed server to enable SSL TLS as per note: Problems With TLS 1.2 Minimum Cipher Suite For Weblogic Running On IBM JDK <Doc ID 2238984.1>
With the above setting, only TLS 1.1 is being sent and there is no renegotiation of the SSL handshake to TLS 1.2
Setting -Dcom.ibm.jsse2.overrideDefaultProtocol=TLSv12 works; however this will break the connection to external site which requires TLS 1.1.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms