Configure Specific Cipher Suites for OPAM SSL Server using WLST Command Line
Last updated on NOVEMBER 22, 2017
Applies to:Oracle Privileged Account Manager - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Customer wants to Configure Specific Cipher Suites for OPAM SSL Server using WLST Command Line.
Customer needs to disable DES/3DES and lower cryptography standards that uses CBC 64 bit block size that are vulnerable to collision attack.
Customer implemented this using java.security - However they are still able to use DES:3DES in connecting to SSL Port of OPAM Weblogic Server.
Customer must not be able to perform SSL handshake using DES:3DES.
The issue can be reproduced at will with the following steps:
1. Configure OPAM Weblogic Server with java.security as shown below
2. connect to SSL port using OpenSSL with DES:3DES as cipher
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms