OUD 11g/12c - Cipher Order is Different in Crypto Manager than other SSL Handlers
(Doc ID 2749469.1)
Last updated on FEBRUARY 10, 2021
Applies to:Oracle Unified Directory - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
Crypto Manager stores ciphers alphabetically in the configuration and (most importantly) it uses them in this order. It does not matter the order ciphers are added, they are place in the configuration in alphabetical order.
When a client is initiating an SSL connection the ciphers then chosen in alphabetical order. There is no way to enforce using a stronger cipher.
In comparison, this is not the case when using LDAPS connection handler or Admin connection handler where the order of the ciphers is first added, first chosen/used.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document