Enabling TLS-Only on WebLogic

This section discusses the configurations for enabling TLS-Only on WebLogic.

The weblogic.security.SSL.protocolVersion command-line argument lets you specify which protocol is used for SSL connections.

To enable TLS-only on WebLogic Server:

  1. Open PIA_HOME/webserv/<Domain>/bin/setEnv.cmd (Windows) or setEnv.sh (UNIX) in edit mode.

  2. Append the following option to the JAVA_OPTIONS variable:

    -Dweblogic.security.SSL.protocolVersion=TLS1

    For example, on Windows in the setEnv.cmd, the updated JAVA_OPTIONS_WIN would appear as:

    SET JAVA_OPTIONS_WIN=-jrockit -XnoOpt -XXnoJITInline -Xms512m -Xmx512m
-Dtoplink.xml.platform=oracle.toplink.platform.xml.jaxp.JAXPPlatform
-Dweblogic.security.SSL.protocolVersion=TLS1

  3. Save the change.

  4. Restart PeopleSoft Internet Architecture.

For more information about Supporting TLS1 protocol, refer to Oracle WebLogic documentation for specifying the version of SSL to be used.

See Specifying the Version of the SSL Protocol.

This section covers steps for configuring TLS on browsers.

Setting Up TLS on Microsoft Internet Explorer

To set up TLS on Internet Explorer:

  1. Launch Internet Explorer.

  2. Select Tools, Internet Options, and select the Advanced tab.

  3. In the Settings box in the Security section, disable Use SSL 3.0 and enableUse TLS 1.0.

  4. Click OK and restart the browser.

Setting Up TLS on Mozilla Firefox

To set up TLS on Firefox:

  1. Launch Firefox.

  2. Select Tools, Options, click the Advanced icon, and select the Encryption tab.

  3. In the Protocols group box, disable Use SSL 3.0 and enableUse TLS 1.0.

  4. Click OK and restart the browser.

It is strongly recommended to that you access the vendor's documentation of the web server you are using for a reverse proxy server and use their instructions for setting up TLS.