Protocols

The IBMJSSE2 provider supports the following protocol parameters:
Table 1. Standard protocol names
Protocol Comment
SSL Enables TLS v1.0, v1.1, and v1.2 protocols.
SSLv3 No protocols enabled.
TLS Enables TLS v1.0, v1.1, and v1.2 protocols.
TLSv1 Enables TLS v1.0 protocol (defined in RFC 2246).
TLSv1.1 Enables TLS v1.1 protocol (defined by RFC 4346).
TLSv1.2 Enables TLS v1.2 protocol (defined by RFC 5246).
Start of changes for service refresh 6 fix pack 25TLSv1.3End of changes for service refresh 6 fix pack 25 Start of changes for service refresh 6 fix pack 25Enables TLS v1.3 protocol (defined by RFC 8446).End of changes for service refresh 6 fix pack 25
SSL_TLS Enables TLS v1.0 protocol.
SSL_TLSv2 Enables TLS v1.0, v1.1, and v1.2 protocols.
The following table shows which protocols are enabled by default for client and server connections.
Table 2. Whether protocols are enabled or disabled by default
Protocol Enabled by default for client Enabled by default for server
SSLv3 No No
TLSv1 Yes Yes
TLSv1.1 Yes Yes
TLSv1.2 Yes Yes
Start of changes for service refresh 6 fix pack 25TLSv1.3End of changes for service refresh 6 fix pack 25 Start of changes for service refresh 6 fix pack 25NoEnd of changes for service refresh 6 fix pack 25 Start of changes for service refresh 6 fix pack 25NoEnd of changes for service refresh 6 fix pack 25
Note: From the first release, there were differences between the IBM and Oracle implementations of SSLContext.getInstance("TLS") and a system property was available to match behavior (see Matching the behavior of SSLContext.getInstance("TLS") to Oracle). Start of changes for service refresh 6 fix pack 25 However, in service refresh 6, fix pack 25, the IBM implementation changed such that there are no longer any differences.End of changes for service refresh 6 fix pack 25