X

Developer Partner Community

  • January 16, 2015

How to check for SSL POODLE / SSLv3 bug on WebLogic? How to fix by Middleware wonders

Juergen Kress
PaaS & Middleware Partner Adoption

clip_image001Details of the SSL POODLE bug can be found here

We can address it in the following way.

1) Disable SSL 3.0 support in the client.

2) Disable SSL 3.0 support in the server.

We can start WebLogic server with the following JVM option

-Dweblogic.security.SSL.protocolVersion=TLS1

Ref :-

http://weblogic-wonders.com/weblogic/2009/12/08/use-specific-ssl-protocol-version-with-weblogic-server/

Disable support for CBC-based cipher suites when using SSL 3.0 (in either client or server).

You can do it by editing you config.xml Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Technorati Tags: WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.