My Oracle Support Banner

OUD 11g/12c - Cipher Order is Different in Crypto Manager than other SSL Handlers (Doc ID 2749469.1)

Last updated on FEBRUARY 10, 2021

Applies to:

Oracle Unified Directory - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

Crypto Manager stores ciphers alphabetically in the configuration and (most importantly) it uses them in this order. It does not matter the order ciphers are added, they are place in the configuration in alphabetical order.

When a client is initiating an SSL connection the ciphers then chosen in alphabetical order. There is no way to enforce using a stronger cipher.

In comparison, this is not the case when using LDAPS connection handler or Admin connection handler where the order of the ciphers is first added, first chosen/used.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.