Red Hat Bugzilla – Bug 1019375
SSL Protocols Options are wrong / do not match JSSE defaults.
Last modified: 2014-10-19 19:02:02 EDT
Title: SSL Connector Reference
Describe the issue:
The options listed in the 'protocol' section of the document do not match what the default JVM options are.
SSLv2, SSLv3, TLSv1, SSLv2+SSLv3, and ALL. The default is ALL.
Suggestions for improvement:
Under Oracle 1.7 JVM with just the SunJSSE provider the valid values are: 
SSLv3, TLSv1, TLSv1.1, TLSv1.2, SSLv2Hello
Our documentation says the following are supported:
SSLv2, SSLv3, TLSv1, SSLv2+SSLv3 and ALL.
However, under Java 1.7 JSSE here's what those values do:
SSLv2 -- default which is all the protocols, but NOT SSL v2 since that is not supported
SSLv3 -- Works as expected
TLSv1 -- Works as expected (only get TLSv1)
SSLv2+SSLv3 -- default which is all the protocols, but NOT SSL v2 since that is not supported
ALL -- Works as expected (somewhat). Gives the default which is all the protocols, but NOT SSL v2 since that is not supported
Also, keep in mind the actual valid values are from the JSSE provider and any combination separated by commas.
SSLv2Hello isn't SSLv2 .. it's just a backwards compatible hello
I think the important thing to mention is that protocol is passed along to the underlying implementation (either JSSE or OpenSSL) and the valid values depend on those implementations.
Verified in Revision 6.3.0-37