Administer > System configuration parameters > SSL parameters > Parameter: sslEnabledProtocols

Parameter: sslEnabledProtocols

Parameter

sslEnabledProtocols

Description

This parameter defines a comma separated list of SSL protocols to support for HTTPS connections of the Service Manager Server when running in FIPS mode.

  • If specified, only the protocols that are listed and supported by the SSL implementation will be enabled.
  • If not specified, the JVM default (excluding SSLv2 and SSLv3 if the JVM enables either or both of them by default) is used.
  • If "fipsmode:2" is specified in the Server configuration file (sm.ini), the following value is used for this parameter by default: TLSv1,TLSv1.1,TLSv1.2.

Note There is overlap between this parameter and sslProtocols. You are recommended to use the default value for FIPS mode. If you want to use another value, keep in mind that TLSv1.2 is always mandatory, and TLSv1 is also mandatory when you use WebSphere Application Server for the Web Tier or Mobility Client.

Valid if set from

Server's operating system command prompt

Initialization (sm.ini) file

Requires restart of the Service Manager server?

Yes

Default value

TLSv1,TLSv1.1,TLSv1.2

Possible values

Supported combinations of the following values (comma-separated): TLSv1, TLSv1.1, and TLSv1.2 (see the note in the description)

Example usage

sslEnabledProtocols:TLSv1,TLSv1.1,TLSv1.2