My Oracle Support Banner

13c: How to Disable Weak SSLCipherSuites in Enterprise Manager 13c Cloud Control (Doc ID 2138391.1)

Last updated on SEPTEMBER 04, 2021

Applies to:

Enterprise Manager Base Platform - Version 13.1.0.0.0 to 13.3.0.0.0 [Release 13c]
Information in this document applies to any platform.

Goal

Current document(<Note 2138391.1>) explains steps to disable weak SSLCipherSuites used by the EM 13c(13.1, 13.2, 13.3) OMS, Agent and WLS.

Starting from EM 13.4 refer to MOS document below
13.4c: How to Disable Weak SSLCipherSuites in Enterprise Manager 13.4 Cloud Control (<Note 2663483.1>)

For EM 12c,refer to MOS document below
EM 12c: How to Disable Weak SSLCipherSuites Used by Enterprise Manager 12c Cloud Control (<Note 1477287.1>)


This procedure is useful if a security policy determines usage of only the strong cipher suites for the communication between the OMS and Agent, for EM Console access or if a security scan reports a Weak CBC Mode Vulnerability for EM components.

If you want to disable the weak cipher suites to address any security exposure, then check the information listed below:

1. Collect the scan report and note the port number on which the exposure is reported.
2. Check the EM process running on that port, by referring to port numbers in <EM INSTANCE HOME>/em/EMGC_OMS1/emgc.properties file.
3. Follow the solution provided in this document for respective process or application.
For EM 12c,follow <Note1477287.1> EM 12c:How to Disable Weak SSLCipherSuites Used by Enterprise Manager Cloud Control

4.The following variable paths are used in this note:

<EM_INSTANCE_BASE> = Base Location where EM OMS is installed
<MIDDLEWARE HOME> = <EM_INSTANCE_BASE>/middleware
<OMS_HOME> = <MIDDLEWARE HOME>/bin
<GCDOMAIN HOME> = <EM_INSTANCE_BASE>/gc_inst/user_projects/domains/GCDomain/

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Pre-Requisistes
 OMS(OHS component of OMS)
 Agent
 WLS(WLS in OMS)


 OHS Admin Port(Default port:9999)

 Verification
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.