TLS Ciphers

Hello, I need to update the list of ciphers WebMethods Integration Server will use. Is this a patch I apply or is it a new configuration I need to set?

Below is the list of ciphers accepted by the service we are calling.


Here is the IS server build information…
Product webMethods Integration Server
Updates None
Build Number 106
SSL Strong (128-bit)

Thanks in advance for the help…

To install JSEE


  1. Download the JCE Unlimited Strength Jurisdiction Policy Files
  2. Then install under the webMethods JVM directory: SoftwareAG\jvm\jvm\jre\lib\security

Checked the local_policy.jar and US_export_policy.jar under SoftwareAG\jvm\jvm\jre\lib\security folder. Found that their local_policy is using limited crypto strength.

During IS start below message logged.

[ISS.0025.0050W] The JCE Unlimited Strength Jurisdiction Policy File was not found. Please install it.

[ISS.0025.0049I] The JCE Unlimited Strength Jurisdiction Policy File was found

IS> extended settings,TLSv1.1,TLSv1.2,SSLv3,SSLv2Hello,TLSv1.1,TLSv1.2,SSLv3,SSLv2Hello

If you set “0006 Server SSL Interface to Trace” (IS Admin > Settings > Logging> Server), the enabled cipher list for a JSSE port will be printed out to the server.log when the port is enabled (including during IS startup).

You can then restrict the cipher list if desired by setting,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

This will be logged when the port is renabled/disabled (no IS restart required)


I would advise to remove the SSLv3 and the SSLv2Hello from the allowed protocols list as they are considered unsecure and deprecated.