My Oracle Support Banner

13.4 & 13.5 : How to Disable Weak SSLCipherSuites in Enterprise Manager 13.4/13.5 Cloud Control (Doc ID 2663483.1)

Last updated on OCTOBER 30, 2023

Applies to:

Enterprise Manager Base Platform - Version and later
Information in this document applies to any platform.


This document explains steps to disable weak SSLCipherSuites used by the EM 13.4 & 13.5 OMS, Agent and WLS.
This procedure is useful if a security policy determines usage of only the strong cipher suites for the communication between the OMS and Agent, for EM Console access or if a security scan reports a Weak CBC Mode Vulnerability for EM components.


If you want to disable the weak cipher suites to address any security exposure, then check the information listed below:

1. Collect the scan report and note the port number on which the exposure is reported.

2. Check the EM process running on that port, by referring to port numbers in <EM INSTANCE HOME>/em/EMGC_OMS1/ file.

3.For EM version 13.1 to 13.3, refer to document below
13c: How to Disable Weak SSLCipherSuites in Enterprise Manager 13c Cloud Control (<Note 2138391.1>)

4.The following variable paths are used in this note:

<EM_INSTANCE_BASE> = Base Location where EM OMS is installed
<GCDOMAIN HOME> = <EM_INSTANCE_BASE>/gc_inst/user_projects/domains/GCDomain/


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 OMS(OHS component of OMS)
 OHS Admin Port(Default port:9999)

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.