Undesired RC4 Ciphers Are Continually Used with WebLogic Server SSL Connections (Doc ID 2250434.1)

Last updated on APRIL 04, 2017

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Oracle Fusion Middleware - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Symptoms

<Mar 16, 2016 11:51:38 AM EDT> <Debug> <SecuritySSL> <BEA-000000> <DynamicJSSEListenThread[DefaultSecure] 4 cipher suites enabled:>
<Mar 16, 2016 11:51:38 AM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSL_RSA_WITH_RC4_128_SHA>
<Mar 16, 2016 11:51:38 AM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_SHA>
<Mar 16, 2016 11:51:38 AM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSL_RSA_WITH_RC4_128_MD5>
<Mar 16, 2016 11:51:38 AM EDT> <Debug> <SecuritySSL> <BEA-000000> <TLS_RSA_WITH_RC4_128_MD5>


Changes

 Have updated the DOMAIN_HOME/config/config.xml and JAVA_HOME/jre/lib/security/java.security files with no success.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms