Enable TLS1.2 for client side JDKs and Browsers

Review the following steps to enable TLS1.2 for client side JDKs and browsers when working with Sterling B2B Integrator over HTTPS and or when running in NIST 800-131a strict mode.

To enable TLS1.2 for client JDKs and browsers:

  1. Verify that you are using JDK 1.7. TLS1.2 is only supported on JDK 1.7. For additional information, see: http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html
  2. From your Windows Control Panel, in the search box, type java to locate and open the Java Control Panel.
  3. On the Java Control Panel window, click the Advanced tab.
  4. Select TLS1.2 in Advanced Security Settings and click OK.
To enable TLS1.2 for Internet Explorer, version 8:
  1. On the Internet Explorer browser window, from the Tools menu, select Internet Options.
  2. Click the Advanced tab.
  3. Select TLS1.2 in the Advanced Security Settings.

Firefox Considerations

Firefox can only connect to one Sterling B2B Integrator server when using HTTPS, to resolve this issue:

  1. When Firefox connects to a website using HTTPS when the certificate of the server is self-signed, a dialog box appears. Select Add Exception to continue.
  2. A new dialog appears asking you to confirm. Click Confirm Security Exception to launch the HTTPS connection.

The public certificate from the HTTPS server is stored in cache. You can locate it in your Firefox browser from Options > View Certificates, where Sterling is the organization and ASI is common name. This is the same syntax for all certificates using Sterling B2B Integrator HTTPS.

If this certificate is stored in the cache and you try to connect to another Sterling B2B Integrator instance, it will not work because the public certificate is a Sterling B2B Integrator instance and is different from the one in the cache. To work around this issue, select Confirm Security Exception and clear the box for Permanently store this exception. Doing this will allow certificate storage for only that specific session, allowing you to connect to another Sterling B2B Integrator instance when the browser is closed.