Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
2 replies Latest Post - ‏2012-11-05T13:45:44Z by EugenMIPS
EugenMIPS
EugenMIPS
4 Posts
ACCEPTED ANSWER

Pinned topic WASCE 2.1.1.5 and TLS 1.1

‏2012-10-29T13:47:49Z |
Hello,

I have WASCE 2.1.1.5 installed on top of IBM Java (IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Linux x86-32 jvmxi3260sr7-20091214_49398 (JIT enabled, AOT enabled)).

Now I need enable TSL 1.1 on that web server, and by going through options I couldn't find anything that would give me a option to specify version of TLS. TLS is selected as sslProtocol in TomcatWebSSLConnector options, but it's using 1.0. Is it even possible to use TLS 1.1 on this version of WASCE/Java?

Best regards, Eugen
Updated on 2012-11-05T13:45:44Z at 2012-11-05T13:45:44Z by EugenMIPS
  • X75J_Li_Yanli
    X75J_Li_Yanli
    45 Posts
    ACCEPTED ANSWER

    Re: WASCE 2.1.1.5 and TLS 1.1

    ‏2012-11-02T07:33:46Z  in response to EugenMIPS
    Hello,

    The sslProtocol WAS CE used is related with TomcatWebSSLConnector which depends on SSLContext supported by JDK.
    For jdk5 and jdk6 doesn't support TLSv1.1 and only jdk 7 supported.
    • EugenMIPS
      EugenMIPS
      4 Posts
      ACCEPTED ANSWER

      Re: WASCE 2.1.1.5 and TLS 1.1

      ‏2012-11-05T13:45:44Z  in response to X75J_Li_Yanli
      Hello,
      we have managed to enable TLSv1.1 on WAS CE 2.1.1.5 by upgrading IBM Java to newest IBM JavaSE6 (SR10).
      We changed the config.xml file and set sslProtocol property of TomcatWebSSLConnector to TLSv1.1 which resulted in successful TLS 1.1 connection.

      But now, when we try to connect with a client which doesn't support TLS 1.1 (only TLS 1.0) we get an refused connection.

      Is there a way to enable both TLS 1.0 and TLS 1.1?

      Best regards, Eugen