How to Force >128bit Encryption with Oracle HTTP Server
Last updated on APRIL 13, 2016
Applies to:
Oracle HTTP Server - Version: 10.1.2.0.0 to 10.1.3.4.0 - Release: AS10gR2 to AS10gR3Information in this document applies to any platform.
Goal
How to Force >128bit Encryption with Oracle HTTP Server (OHS)?The aim of this article is to show how to configure OHS to force greater than 128bit encryption if NOT using a Global Server ID. As per <
The problem is that out of the box, OHS supports a number of SSL Ciphersuites that also allow connections <128bit. As most businesses are not in control of which clients are connecting to OHS, this means that old browsers, misconfigured browsers, or other SSL clients can connect at <128bit, either intentionally or unintentionally. Businesses need a method to ensure that OHS only allows >128bit connections.
Note: As stated above this note is only applicable when OHS is not configured with a Global Server ID
Solution
Sign In with your My Oracle Support account |
|
Don't have a My Oracle Support account? Click to get started |
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms