I am facing some vulnerabilities in one WebSphere server 8.0 (see http://www-01.ibm.com/support/docview.wss?uid=swg21687173). The mitigation is to enable TLSv1.2.
However the OpenSSL version of the server is 0.9 and I know that this version does not support this version of TLS. So I wonder if the SSL implementation in WebSphere depends on the OpenSSL version. Unfortunately, I can't update OpenSSL (It is not the case to explain the why now :s).
If the websphere supports TLSv1.2. Is it possible to enable this protocol, even thought OpenSSL does not support it?
IBM WebSphere and its SSL implementation is not using OpenSSL.
Check this post for more details: The IBM Java JSSE does not use OpenSSL