KB Article #177206

SSL/TLS in Interchange 5.12 and B2Bi 2.x

Problem

-- Is TLS 1.2 supported in B2Bi 2.x and Interchange 5.12.0?

-- Are SSLv2Hello and SSLv3 enabled in B2Bi 2.x and Interchange 5.12.0?

Resolution

  • TLS 1.2 is supported starting with Service Pack 3 of B2Bi 2.1.0 and Interchange 5.12.0 and any higher version of B2Bi.
  • TLS 1.2 is the default outgoing protocol. The application falls back to TLS 1.1 or TLS 1.0 if the server does not support TLS 1.2.
  • SSLv2Hello and SSLv3 are disabled by default.
  • Changes to the enabled protocols can be made by editing [installDir]/conf/tuning.properties. The default settings are:
    sslProtocols=TLSv1,TLSv1.1,TLSv1.2
    sslProtocols.client=TLSv1,TLSv1.1,TLSv1.2
    sslProtocols.connectionProtocol=TLSv1.2


    To enable SSLv3 and/or SSLv2Hello for embedded servers, add them to the list, e.g.:
    sslProtocols=SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2


    To enable SSLv3 and/or SSLv2Hello for client connections, add them to the list, e.g.:
    sslProtocols.client=SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2
  • With Java 1.8, SSLv3 is disabled by default. To activate it, in addition to the steps above, the [InstallDir]/Java/[OS]/[JREVersion]/lib/security/java.security file needs to be updated: "SSLv3" needs to be removed from the disabledAlgorithms list.
    E.g. change the default:
    jdk.tls.disabledAlgorithms=SSLv3
    to:
    jdk.tls.disabledAlgorithms=

Note: It is not recommended to enable SSLv3 because of the vulnerability known as POODLE (CVE-2014-3566).
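
The following Python check is an added example, not part of the original article or the product. It reads the contents of tuning.properties and java.security and reports every place where SSLv3 or SSLv2Hello has been switched on. The function names are hypothetical, the sample file contents are constructed from the settings shown above, and a missing sslProtocols key is assumed to mean the defaults apply.

```python
import re

LEGACY = {"SSLv2Hello", "SSLv3"}  # protocols this article lists as disabled by default
PROTOCOL_KEYS = ("sslProtocols", "sslProtocols.client")

# Constructed sample inputs based on the settings quoted in this article.
DEFAULT_TUNING = (
    "sslProtocols=TLSv1,TLSv1.1,TLSv1.2\n"
    "sslProtocols.client=TLSv1,TLSv1.1,TLSv1.2\n"
    "sslProtocols.connectionProtocol=TLSv1.2\n")
WEAK_TUNING = "sslProtocols=SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2\n"

def parse_properties(text):
    """Parse key=value lines; joins backslash continuations, skips comments."""
    text = re.sub(r"\\\r?\n[ \t]*", "", text)
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def split_list(value):
    return [item.strip() for item in value.split(",") if item.strip()]

def audit(tuning_text, java_security_text):
    """Return findings describing where legacy protocols are enabled."""
    findings = []
    tuning = parse_properties(tuning_text)
    for key in PROTOCOL_KEYS:
        enabled = LEGACY & set(split_list(tuning.get(key, "")))
        for proto in sorted(enabled):
            findings.append(f"tuning.properties: {key} enables {proto}")
    security = parse_properties(java_security_text)
    disabled = split_list(security.get("jdk.tls.disabledAlgorithms", ""))
    if "SSLv3" not in disabled:
        findings.append("java.security: SSLv3 missing from jdk.tls.disabledAlgorithms")
    return findings

if __name__ == "__main__":
    for finding in audit(WEAK_TUNING, "jdk.tls.disabledAlgorithms=\n"):
        print(finding)
```

To run it against a real installation, pass the text of the two files under [installDir] to audit(); an empty result means neither file re-enables the legacy protocols.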