WebLogic KM - How to configure with TLS 1.1 and TLS 1.2 Protocol

Version 1
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    PATROL for Oracle WebLogic


    APPLIES TO:

    BMC PATROL for Oracle WebLogic



    PROBLEM:

     

    Symptoms:

      

    Can't register the Weblogic server using TLS Protocol 1. Our environment requires a more stringent connection to the AdminServer. We are using TLS 1.1.

    Applies To:

      

    BMC PATROL for Oracle WebLogic 3.0.10

     

     


    SOLUTION:

     

    Legacy ID:KA429788

      

    Cause
    Customer need support for TLS 1.1 and TLS 1.2 protocol. Solution is not covered in the online documentation.

    Solution
    1) Added the following JVM Arguments (wls-environment -> Knowledge Module Commands -> KM Administration -> Define JVM Arguments):
    -Dweblogic.security.SSL.protocolVersion=TLS1.1
    -Dweblogic.ssl.JSSEEnabled=true
    -Dweblogic.security.SSL.enableJSSE=true - -Dweblogic.security.SSL.ignoreHostnameVerification=true

    2) The remaining issues had to do with permissions:
    a) I had to give the Patrol account additional permissions, that are not listed in the documentation, mainly to some .jar files. In our environment we don't put the Patrol user in the weblogic group so we need to set ACLs on various directories.
    b) I found that patrol needed additional permissions on jar files in jvm/jre/lib/ext directory as well as the modules directory.
    c) The documentation states only:
    - Read for the WebLogic home directory
    - Read-Execute for the Java home directory
    - Read-Write-Execute for the $PATROL_ROOT/.../srp directory

    Additional Information
    Remember to include the .jks file in the Server Keystore Path.

      
    Related Products:  
       
    1. BMC PATROL for Oracle WebLogic

     


    Article Number:

    000080156


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles