How to resolve BW HTTPS client cannot downgrade to a lower version of protocol, for example SSLv3, when the server only supports SSLv3.

How to resolve BW HTTPS client cannot downgrade to a lower version of protocol, for example SSLv3, when the server only supports SSLv3.

book

Article ID: KB0093091

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks -
Not Applicable -

Description

Description:
BW supports SSLv2, SSLv3 and TLSv1 (which is SSLv3.1). However, when the security vendor is J2se, by default it always chooses the highest version and cannot negotiate with the server using a proper version especially when the server only supports the lower version of the protocol, such as SSLv3

Resolution

The resolution should be add a following jvm property into tra file to enable the protocol negotiation when the j2se vendor is turned on.
java.property.com.sun.net.ssl.rsaPreMasterSecretFix=true
java.property.TIBCO_SECURITY_VENDOR=j2se

Issue/Introduction

How to resolve BW HTTPS client cannot downgrade to a lower version of protocol, for example SSLv3, when the server only supports SSLv3.

Additional Information

Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7

Powered by Wolken Software