POODLE SSL protocol Verification​

POODLE SSL protocol Verification​ (For PayPal SSLV3 Switch off)

All are aware of POODLE – SSLV3 issue that Google has identified. Now PayPal is going to switch off the SSLV3 protocol support in PRODUCTION from Dec first week. All the application integrated with PayPal has to test their application in SANDBOX where SSLV3 is switched off currently. If you are able to place PayPal orders in SandBox, then your application is using protocol other than SSL.

poodle

img src: CIO today

Below steps will give you test your application is using SSL or TLS protocol. POODLE SSL protocol Verification​

Open the SERVERS tab in Eclipse

1

Double Click on the Server  — Click on the launch Configuration

2

Add -Djavax.net.debug=all to VM Arguments as shown below:

3

Run the application and watch the logs till the PayPal call is made in the application. You should find the READ: TLSv1 Handshake, length = 5164 and Subject: CN=api.sandbox.paypal.com,

This shows your application is using TLSv1 protocol and not SSLv3.

Server Logs:

15:01:38,931 INFO [STDOUT] ajp-0.0.0.0-8009-1:ipaddr=127.0.0.1;path=/dyn/admin/nucleus/technostixs/payment/paypal/PayPalToolsWS/;

sessionid=1038E9BB1770456582E32DDFB8F9E2B2,

READ: TLSv1 Handshake, length = 5164

15:01:38,931 INFO [STDOUT] *** Certificate chain

15:01:38,932 INFO [STDOUT] chain [0] = [

[

Version: V3

Subject: CN=api.sandbox.paypal.com, OU=PayPal Production, O=”PayPal, Inc.”, L=San Jose, ST=California, C=US

Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

Key: Sun RSA public key, 2048 bits

modulus: 297848777815518252992931804658701635132356237313676759322291175093

705427119996833941049003380881060897410074391704967

5848723663302375859066936677923976896554080955346464345039044151441596

693452803150739902567410170384935817555478051

534768930795370061178729501485104458591453779430885364930160191670520619

71901580403557200805552899188933699286764825

2635430464620800100679005756744858722735876844653776570208269967800281

1208763318852254666534984020637685872224798

362174431816242699096767099724588035944517703395935184753804951430589590

524837516037589833937690567669100503108292184429821300787297137130559

seperator

References:

https://www.openssl.org/~bodo/ssl-poodle.pdf

http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#SSLOverview

http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/ReadDebug.html

seperator

You may also like this

seperator

About TechnoStixs.com

Oracle ATG to use Coherence Cache

TechnoStixs.com is a dedicated weblog for Java/J2EE and web developers. We take pride in our work. Every publication is carefully analyzed, written and tested to ease the understanding of the topic or subject.

We cover Java Core Technologies, eCommerce, J2EE Frameworks, Web Service, Build Tools, Unit Test Frameworks and Others.

1,449 total views, 1 views today

Add comment