- JSSE stands for Java Secure Socket engine. This is useful while enabling SSL in oracle weblogic server.
- Oracle 11g weblogic server by default uses the Certicom Bases SSL implementation and supports the TLS version SSLv3 and TLS.10.
- JSSE enables us to more secure protocol like TLS1.1 and later
Reason for Enabling SSE in Weblogic Server
You may want to enable JSSE for below reasons
- SHA-2 signed certificates are supported in the JSSE SSL implementation provided in WebLogic Server.
- JSSE-based implementation supports TLS V1.0, TLS V1.1, and TLS V1.2. Also to enable support for the TLS V1.1 and TLS V1.2 protocols, WebLogic Server must be running with JDK 7. Note Latest Version JDK 1.6 also supports these TLS version
How to enable JSSE in Weblogic Server in 11g
(1) Login to Weblogic Console
(2) Click on Lock and Edit
You should see below screen after doing this
(3) Navigate to Environment > Servers and select the server where you want to change it
(4) Now go to SSL tab and then go to advanced section and click on JSSE enabled
(5) Save the changes and the release the configuration
(6) Now you can restart the Managed server and it will start using JSSE
Alternative way to enable JSSE
You can also enable JSSE by settings these parameter in JAVA_OPTIONS.
-Dweblogic.ssl.JSSEEnabled=true
-Dweblogic.security.SSL.enableJSSE=true
This can be set in $DOMAIN_HOME/bin/setDomainEnv.sh or whereever JAVA_OPTION are being picked up
How to disable JSSE in WebLogic
If you have enable JSSE then you can revert back the same way
(a) Login to weblogic console
(b) Lock and edit the configuration
(c) Navigate to Environment > Servers and select the server where you want to change it
(d) Now go to SSL tab and then go to advanced section and unclick on JSSE enabled
(e) save the changes and release the configuration
(f) Restart the managed server
JSSE in Oracle weblogic server 12c
Certicom is disabled in Oracle weblogic server 12c and JSSE is enabled by default . We cannot disable the JSSE in Oracle weblogic server 12c
Even if you set these options to false,
-Dweblogic.ssl.JSSEEnabled=false -Dweblogic.security.SSL.enableJSSE=false
Oracle WebLogic server will ignore these parameter
Related Articles
Weblogic Administration Console
How to start/stop Node manager and Managed server in Weblogic
Weblogic Interview questions
Oracle Weblogic server
Middleware Home and WebLogic Server Home Directories
https://www.oracle.com/in/middleware/technologies/weblogic.html