Title: SSL Connector Reference Describe the issue: The options listed in the 'protocol' section of the document do not match what the default JVM options are. SSLv2, SSLv3, TLSv1, SSLv2+SSLv3, and ALL. The default is ALL. Suggestions for improvement: Under Oracle 1.7 JVM with just the SunJSSE provider the valid values are: [0] SSLv3, TLSv1, TLSv1.1, TLSv1.2, SSLv2Hello Our documentation says the following are supported: SSLv2, SSLv3, TLSv1, SSLv2+SSLv3 and ALL. However, under Java 1.7 JSSE here's what those values do: SSLv2 -- default which is all the protocols, but NOT SSL v2 since that is not supported SSLv3 -- Works as expected TLSv1 -- Works as expected (only get TLSv1) SSLv2+SSLv3 -- default which is all the protocols, but NOT SSL v2 since that is not supported ALL -- Works as expected (somewhat). Gives the default which is all the protocols, but NOT SSL v2 since that is not supported Also, keep in mind the actual valid values are from the JSSE provider and any combination separated by commas. Additional information: [0] http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider SSLv2Hello isn't SSLv2 .. it's just a backwards compatible hello
I think the important thing to mention is that protocol is passed along to the underlying implementation (either JSSE or OpenSSL) and the valid values depend on those implementations.
Fixed: http://docbuilder.usersys.redhat.com/22820/#SSL_Connector_Reference1
Verified in Revision 6.3.0-37