See DERBY-6764
I believe Derby only uses SSL for client/server secure communication,
so this issue only possibly affects those running client/server rather
than embedded.
Derby will use the SSL version available in the JVM in which the
client and server are running, so part of the answer depends on what
JVM is running. It is unclear to me which version Derby will choose
when multiple versions are available.
I got the following from the web:
Oracle JRE/OpenJDK 6 supports SSLv3 and TLS 1.0. You would need the IBM
JRE 6/7 or Oracle JRE/OpenJDK 7 to get support for TLS 1.1 and TLS 1.2.
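
The following is an added example, not part of the original message and not Derby code: a small diagnostic to run on the same JVM as the Derby client or network server to see which protocol versions that JVM supports and enables by default. The class name JvmTlsProtocols is an assumption; it uses only standard JSSE calls and opens no network connection.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;

public class JvmTlsProtocols {
    public static void main(String[] args) throws Exception {
        // Default context: what an application gets when it does not
        // choose protocol versions itself.
        SSLContext ctx = SSLContext.getDefault();

        // Everything this JVM's provider can speak.
        List<String> supported =
                Arrays.asList(ctx.getSupportedSSLParameters().getProtocols());
        // What is switched on by default for client-mode sockets.
        List<String> clientEnabled =
                Arrays.asList(ctx.getDefaultSSLParameters().getProtocols());

        // Server-side defaults can differ from client defaults, so read
        // them from an unbound server socket (never bound to a port).
        List<String> serverEnabled;
        SSLServerSocket ss =
                (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket();
        try {
            serverEnabled = Arrays.asList(ss.getEnabledProtocols());
        } finally {
            ss.close();
        }

        System.out.println("java.version   = " + System.getProperty("java.version"));
        System.out.println("supported      = " + supported);
        System.out.println("client enabled = " + clientEnabled);
        System.out.println("server enabled = " + serverEnabled);
        // Returns null on JVMs that predate this security property.
        System.out.println("jdk.tls.disabledAlgorithms = "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));

        boolean sslv3 = clientEnabled.contains("SSLv3")
                || serverEnabled.contains("SSLv3");
        System.out.println(sslv3
                ? "SSLv3 is enabled by default on this JVM"
                : "SSLv3 is not enabled by default on this JVM");
    }
}
```

The output describes the JVM defaults only; it does not show which version a given Derby client and server actually negotiate.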