EM 12c: How to Disable Weak SSLCipherSuites Used by Enterprise Manager 12c Cloud Control (Doc ID 1477287.1)

Last updated on JUNE 10, 2017

Applies to:

Enterprise Manager Base Platform - Version 12.1.0.1.0 to 12.1.0.5.0 [Release 12.1]
Information in this document applies to any platform.

Goal

The procedure shown here to disable the weak SSLCipherSuites used by the EM 12c OMS, the EM 12c Agent and the WebLogic Server component will be of interest to all those interested in keeping the key components of Enterprise Manager secure.
This procedure is useful if a security policy determines usage of only the strong cipher suites for the communication between the OMS and Agent, for EM Console access or if a security scan reports a Weak CBC Mode Vulnerability for EM components.

 

In case you are disabling weak ciphers to overcome a security scan issue, first you should check the port number on which the issue is reported from the scan report. Then you will need to know the EM related process running on that port by referring to port numbers in <EM INSTANCE HOME>/em/EMGC_OMS1/emgc.properties file and follow the solution provided in this document for the respective process or application

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms