My Oracle Support Banner

Configure Specific Cipher Suites for OPAM SSL Server using WLST Command Line (Doc ID 2310876.1)

Last updated on AUGUST 25, 2020

Applies to:

Oracle Privileged Account Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

Customer wants to Configure Specific Cipher Suites for OPAM SSL Server using WLST Command Line.

Customer needs to disable DES/3DES and lower cryptography standards that uses CBC 64 bit block size that are vulnerable to collision attack.

Customer implemented this using java.security - However they are still able to use DES:3DES in connecting to SSL Port of OPAM Weblogic Server.

EXPECTED BEHAVIOR
-----------------------
Customer must not be able to perform SSL handshake using DES:3DES.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Configure OPAM Weblogic Server with java.security as shown below
2. connect to SSL port using OpenSSL with DES:3DES as cipher

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
  
  
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.