Undesired RC4 Ciphers are Continually Used with WebLogic Server SSL Connections
(Doc ID 2250434.1)
Last updated on MARCH 05, 2021
Applies to:Oracle WebLogic Server - Version 10.3.6 and later
Oracle Fusion Middleware - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
- When accessing an application with SSL, the link does not work and will not load in the browser. The following errors may be seen depending on your browser vendor (Chrome, Fire Fox, Internet Explorer):
- Some client browsers may report the use of RC4 ciphers and some security scans may be detecting RC4 ciphers.
- When using nmap utility, it can be seen that RC4 ciphers are available. See <Note 2241442.1> Using NMAP Tool to Test Available SSL Ciphers
- When examining the Weblogic AdminServer.log with SSL debug enabled, the following can be observed:
Have updated the DOMAIN_HOME/config/config.xml and JAVA_HOME/jre/lib/security/java.security files with no success.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document