My Oracle Support Banner

How To Configure Which SSL Ciphers and Protocols are Used by Coherence (Doc ID 1936944.1)

Last updated on MAY 03, 2023

Applies to:

Oracle Coherence - Version 3.6.1 and later
Information in this document applies to any platform.


Can a Coherence SSL provider be configured to only use specific ciphers?

Prior to releases and it was only possible to use an undocumented feature to specify a list of enabled ciphers, this is allowed-listing.  Blocked-listing is providing a list of options that must be disabled.  If only a small number of options need to be avoided the ability to blocked-list them is typically simpler than configuring all the options that are allowed.

Prior to and the use of blocked lists for cipher-suites is not supported. And support for specifying protocol versions, in allowed or blocked list form, is only supported in and and later.

In and and later, both allowed-listing and blocked-listing of both protocols and ciphers are supported, and are documented in each release's documentation, for example: SSL Element Operational Configuration Reference.

In addition, with Java 7 is it possible to disable cryptographic algorithms, see the Java 7 Security Enhancements for details on this alternative which requires no Coherence specific changes.

Finally, if the goal is to disable the use of SSLv3, then please also refer to <Note: 1965582.1>, "How to disable SSL 3.0 in Oracle Coherence".


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Releases Prior to and
  Releases post and

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.