Renegotiation of TLS V1 Does not Happen When Using IBM JDK with WebLogic Servers

(Doc ID 2333034.1)

Last updated on DECEMBER 11, 2017

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

On Weblogic 10.3.6 version, using IBM JDK 1.7.0, renegotiation of TLS V1 is not taking place.

Weblogic is configured to use SSL TLS v1 with two external web services; one requires TLS V1 and the other requires TLS 1.2.

The following SSL parameters have been set for the managed server to enable SSL TLS as per note: Problems With TLS 1.2 Minimum Cipher Suite For Weblogic Running On IBM JDK <Doc ID 2238984.1>

With the above setting, only TLS 1.1 is being sent and there is no renegotiation of the SSL handshake to TLS 1.2

Setting -Dcom.ibm.jsse2.overrideDefaultProtocol=TLSv12 works; however this will break the connection to external site which requires TLS 1.1.
 

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms