Description:
TIBCO ActiveMatrix ("AMX") 3.1 and 3.2 embed JRE 1.6 during installation, where "SSLv2 Client Hello" is enabled by default for the HTTPS client. Since "SSLv2 Client Hello" is not compatible with some HTTPS servers, you may take the following approaches to disable or workaround it.

"SSLv2 Client Hello" compatibility issues in TIBCO ActiveMatrix 3.1 and 3.2 .

1). Upgrade your AMX platform to 3.3.0 with the latest hotfix which in turn will use JRE 1.7 and will have SSLv3 and earlier versions disabled by default. We recommend upgrading to the AMX platform 3.3.0 to benefit from product enhancements and defect fixes.

2). As a short term solution, you can upgrade JRE to 1.7 or 1.8 in your existing AMX 3.1.5 or 3.2.0 environment. To do that, download the TIBCO ActiveMatrix Updater Tool for Java Runtime Environment Software (version 1.0.0 or 1.1.0) from edelivery.tibco.com. You will see this utility under TIBCO ActiveMatrix Service Grid - 3.2.0 . Follow the utility readme file for more details.

3). Another alternative is to change the server side configuration to allow "SSLv2 Client Hello", but that would compromise the security level. If your Server application is also hosted on an AMX platform, you can add the following property in the node.tra file. Restart the node to allow  "SSLv2 Client Hello".

java.property.com.tibco.trinity.ssl.DontEnforceTLSProtocol=true