JSSE and WebLogic Server in WebLogic Server 11g

 Recently, several customers want to migrate to JSSE, because they would like to have stronger cipher suites.

If you have WebLogic Server 10.3.2 or earlier versions, you will need to upgrade your Weblogic Server to the latest 11g.
There is no supported way to enable JSSE in these versions.


To enable JSSE in weblogic server 10.3.3 and later, you can add a property to JAVA_OPTIONS as described below:

    -Dweblogic.security.SSL.enableJSSE=true (WLS 10.3.3)
http://docs.oracle.com/cd/E14571_01/web.1111/e13707/ssl.htm#BABIJEJD
    -Dweblogic.ssl.JSSEEnabled=true (WLS 10.3.4 and later)
http://docs.oracle.com/cd/E21764_01/web.1111/e13707/ssl.htm#BABIJEJD

Additional Details here:
http://docs.oracle.com/cd/E14571_01/web.1111/e13707/ssl.htm#SECMG494

Please notice that as this is a new feature, there are several recommended patches for known issues:
For WebLogic Server 10.3.3:
SHA2 Certificate Throws Log Message "Ignoring The Trusted CA Certificate" (Doc ID 1538488.1)

For WebLogic Server 10.3.5 and 10.3.6 make sure you are using the latest PSU delivered:
e.g:
Oracle WebLogic Server Patch Set Update 10.3.5.0.7 Fixed Bugs List (Doc ID 1544306.1)
Oracle WebLogic Server Patch Set Update 10.3.6.0.9 Fixed Bugs List (Doc ID 1935048.1)   

Enjoy!