Topic
  • 2 replies
  • Latest Post - ‏2012-11-05T13:45:44Z by EugenMIPS
EugenMIPS
EugenMIPS
4 Posts

Pinned topic WASCE 2.1.1.5 and TLS 1.1

‏2012-10-29T13:47:49Z |
Hello,

I have WASCE 2.1.1.5 installed on top of IBM Java (IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Linux x86-32 jvmxi3260sr7-20091214_49398 (JIT enabled, AOT enabled)).

Now I need enable TSL 1.1 on that web server, and by going through options I couldn't find anything that would give me a option to specify version of TLS. TLS is selected as sslProtocol in TomcatWebSSLConnector options, but it's using 1.0. Is it even possible to use TLS 1.1 on this version of WASCE/Java?

Best regards, Eugen
Updated on 2012-11-05T13:45:44Z at 2012-11-05T13:45:44Z by EugenMIPS
  • X75J_Li_Yanli
    X75J_Li_Yanli
    45 Posts

    Re: WASCE 2.1.1.5 and TLS 1.1

    ‏2012-11-02T07:33:46Z  
    Hello,

    The sslProtocol WAS CE used is related with TomcatWebSSLConnector which depends on SSLContext supported by JDK.
    For jdk5 and jdk6 doesn't support TLSv1.1 and only jdk 7 supported.
  • EugenMIPS
    EugenMIPS
    4 Posts

    Re: WASCE 2.1.1.5 and TLS 1.1

    ‏2012-11-05T13:45:44Z  
    Hello,

    The sslProtocol WAS CE used is related with TomcatWebSSLConnector which depends on SSLContext supported by JDK.
    For jdk5 and jdk6 doesn't support TLSv1.1 and only jdk 7 supported.
    Hello,
    we have managed to enable TLSv1.1 on WAS CE 2.1.1.5 by upgrading IBM Java to newest IBM JavaSE6 (SR10).
    We changed the config.xml file and set sslProtocol property of TomcatWebSSLConnector to TLSv1.1 which resulted in successful TLS 1.1 connection.

    But now, when we try to connect with a client which doesn't support TLS 1.1 (only TLS 1.0) we get an refused connection.

    Is there a way to enable both TLS 1.0 and TLS 1.1?

    Best regards, Eugen