EM 12c: How to Disable Weak SSLCipherSuites Used by Enterprise Manager 12c Cloud Control
Last updated on MAY 16, 2018
Applies to:Enterprise Manager Base Platform - Version 220.127.116.11.0 to 18.104.22.168.0 [Release 12.1]
Information in this document applies to any platform.
The procedure shown here to disable the weak SSLCipherSuites used by the EM 12c OMS, the EM 12c Agent and the WebLogic Server component will be of interest to all those interested in keeping the key components of Enterprise Manager secure.
This procedure is useful if a security policy determines usage of only the strong cipher suites for the communication between the OMS and Agent, for EM Console access or if a security scan reports a Weak CBC Mode Vulnerability for EM components.
In case you are disabling weak ciphers to overcome a security scan issue, first you should check the port number on which the issue is reported from the scan report. Then you will need to know the EM related process running on that port by referring to port numbers in <EM INSTANCE HOME>/em/EMGC_OMS1/emgc.properties file and follow the solution provided in this document for the respective process or application
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms