My Oracle Support Banner

How to disable ciphers at JRE level for SSH Access to ASC (Doc ID 2192338.1)

Last updated on APRIL 28, 2018

Applies to:

Oracle Communications Application Session Controller - Version S-E3.7.0 and later
Acme Packet OS

Goal

SSH connections to the ASC may fail with an error of An error occurred during a connection to <hostname>. SSL received a weak ephemeral Diffie-Hellman key in a Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

 

 Those strings include ciphers that use Diffie-Hellman ("DHE"), and most browsers now block those because they're vulnerable to Logjam attacks. That's why you're seeing the exact same error: the default list (when no cipher config string is set) has some DHE ciphers included in it.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.