TLS/SSL Connections with IBM Java

  • 7021339
  • 05-Mar-2015
  • 02-Mar-2018


Reflection ZFE version 1.0 or higher
IBM system (such as AIX)
IBM Java (JDK 7.1 or 8)


If you install Reflection ZFE session server on a machine that uses IBM JDK 7.1 or 8 (such as AIX), you will not be able to make TLS/SSL connections from the Reflection ZFE session server to the host computer.


If any type of TLS/SSL connection is desired for Reflection ZFE sessions to host computers, SSL 3.0 must be re-enabled in the IBM JDK, even if the actual protocol used in the Reflection ZFE session does not include SSL 3.0. That is, if the Reflection ZFE session is configured for “TLS 1.2, TLS 1.0,” the SSL 3.0 protocol must still be re-enabled in the JDK even though the connection will not use SSL 3.0.

To enable SSL 3.0 in the IBM JDK, set the new Java system property:

  1. Stop the Reflection ZFE session server service.
  2. Open the <Reflection ZFE installation folder>/sessionserver/conf/container.conf file in a text editor.
  3. Add this line (after the other lines):<n+1>

where <n> equals the highest number noted in the other<n> lines.

  1. Save the file and restart the Reflection ZFE session server service.

For more information, see

Additional Information

Legacy KB ID

This article was originally published as Attachmate Technical Note 2780.