3
votes

I am trying to enable TLSv1.2 in WebSphere Liberty Profile 8.5.5.6. I have three WLP servers running in a cluster/collective. I have TLSv1.2 working for incoming HTTPS traffic to the three member servers, as well as the controller. That is all fine.

However, when any of the members tries to communicate with the controller for the normal collective stuff, it fails, and I get the following error messages on the controller:

000000a3 com.ibm.ws.channel.ssl.internal.SSLHandshakeErrorTracker E
 CWWKO0801E: Unable to initialize SSL connection.
 Unauthorized access was denied or security settings have expired.
 Exception is javax.net.ssl.SSLHandshakeException:
 Client requested protocol TLSv1 not enabled or not supported

Here is what I have in each of my servers, including the controller:

<sslDefault sslRef="defaultSslConfig" />
<ssl id="defaultSslConfig"
     keyStoreRef="defaultKeyStore"
     trustStoreRef="defaultTrustStore"
     clientAuthenticationSupported="true"
     sslProtocol="TLSv1.2" />

Like I said, this works fine for incoming HTTPS traffic. But is there something else I need to set up for controller<->member communications to use TLSv1.2? Or is there somewhere I can turn it off for inter-server communications, if it's not supported there?


1 Answer

3
votes

The controller and members have additional configuration for SSL. To update their config to TLSv1.2, this is what I have done:

  1. In the server.xml for each server (you already have the 1st part, but for completeness I'm including it again):

     <ssl id="defaultSSLConfig"
          sslProtocol="TLSv1.2"
          keyStoreRef="defaultKeyStore"
          trustStoreRef="defaultTrustStore"
          clientAuthenticationSupported="true" />

     <ssl id="controllerConnectionConfig"
          sslProtocol="TLSv1.2"/>

     <ssl id="memberConnectionConfig"
          sslProtocol="TLSv1.2"/>

  2. At ${wlp.install.dir}/etc (you may need to create the etc folder) on each system, create a server.env file with the content:

     JVM_ARGS=-Dhttps.protocols=TLSv1.2
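A small audit script for the two settings the answer above describes, added here as an example rather than taken from the answer or from Liberty itself: it checks that every `<ssl>` element in a server.xml (including the three ids named in the answer) pins `sslProtocol` to TLSv1.2 and that server.env pins `https.protocols` to the same value. The embedded server.xml and server.env are constructed samples, and the `memberConnectionConfig` element is deliberately left without `sslProtocol` so the script has something to report.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample server.xml in the shape discussed in this thread.
# memberConnectionConfig intentionally omits sslProtocol to show a finding.
SERVER_XML = """<server>
  <sslDefault sslRef="defaultSSLConfig"/>
  <ssl id="defaultSSLConfig" sslProtocol="TLSv1.2"
       keyStoreRef="defaultKeyStore" trustStoreRef="defaultTrustStore"/>
  <ssl id="controllerConnectionConfig" sslProtocol="TLSv1.2"/>
  <ssl id="memberConnectionConfig"/>
</server>"""

# Constructed sample ${wlp.install.dir}/etc/server.env
SERVER_ENV = "JVM_ARGS=-Dhttps.protocols=TLSv1.2\n"

# The three <ssl> ids the answer says each server needs (assumption: all three are present).
REQUIRED_IDS = {"defaultSSLConfig", "controllerConnectionConfig", "memberConnectionConfig"}
WANTED = "TLSv1.2"

def audit_server_xml(xml_text):
    """Return findings for <ssl> elements not pinned to WANTED, or missing entirely."""
    findings = []
    root = ET.fromstring(xml_text)
    seen = set()
    for ssl in root.iter("ssl"):          # matches <ssl> only, not <sslDefault>
        sid = ssl.get("id", "<no id>")
        seen.add(sid)
        proto = ssl.get("sslProtocol")
        if proto is None:
            findings.append(f"{sid}: sslProtocol not set (server default applies)")
        elif proto != WANTED:
            findings.append(f"{sid}: sslProtocol={proto}, expected {WANTED}")
    for missing in sorted(REQUIRED_IDS - seen):
        findings.append(f"{missing}: no <ssl> element defined")
    return findings

def audit_server_env(env_text):
    """Check that JVM_ARGS in server.env pins outbound https.protocols to WANTED."""
    m = re.search(r"^JVM_ARGS=(.*)$", env_text, re.M)
    if not m:
        return ["server.env: JVM_ARGS not set"]
    p = re.search(r"-Dhttps\.protocols=(\S+)", m.group(1))
    if not p:
        return ["server.env: -Dhttps.protocols missing from JVM_ARGS"]
    if p.group(1) != WANTED:
        return [f"server.env: https.protocols={p.group(1)}, expected {WANTED}"]
    return []

if __name__ == "__main__":
    for f in audit_server_xml(SERVER_XML) + audit_server_env(SERVER_ENV):
        print("FINDING:", f)
```

Run it against the real files by replacing the two constructed strings with `open(...).read()`; an empty findings list for both means every listed SSL configuration and the JVM client setting agree on TLSv1.2.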