How to Force >128bit Encryption with Oracle HTTP Server
Last updated on APRIL 13, 2016
Applies to:Oracle HTTP Server - Version: 10.1.2.0.0 to 10.1.3.4.0 - Release: AS10gR2 to AS10gR3
Information in this document applies to any platform.
The aim of this article is to show how to configure OHS to force greater than 128bit encryption if NOT using a Global Server ID. As per <
The problem is that out of the box, OHS supports a number of SSL Ciphersuites that also allow connections <128bit. As most businesses are not in control of which clients are connecting to OHS, this means that old browsers, misconfigured browsers, or other SSL clients can connect at <128bit, either intentionally or unintentionally. Businesses need a method to ensure that OHS only allows >128bit connections.
Note: As stated above this note is only applicable when OHS is not configured with a Global Server ID
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms