How to disable ciphers at JRE level for SSH Access to ASC

(Doc ID 2192338.1)

Last updated on APRIL 28, 2018

Applies to:

Oracle Communications Application Session Controller - Version S-E3.7.0 and later
Acme Packet OS

Goal

SSH connections to the ASC may fail with an error of An error occurred during a connection to <hostname>. SSL received a weak ephemeral Diffie-Hellman key in a Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

 

 Those strings include ciphers that use Diffie-Hellman ("DHE"), and most browsers now block those because they're vulnerable to Logjam attacks. That's why you're seeing the exact same error: the default list (when no cipher config string is set) has some DHE ciphers included in it.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms