How to disable ciphers at JRE level for SSH Access to ASC
(Doc ID 2192338.1)
Last updated on APRIL 28, 2018
Applies to:Oracle Communications Application Session Controller - Version S-E3.7.0 and later
Acme Packet OS
SSH connections to the ASC may fail with an error of An error occurred during a connection to <hostname>. SSL received a weak ephemeral Diffie-Hellman key in a Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
Those strings include ciphers that use Diffie-Hellman ("DHE"), and most browsers now block those because they're vulnerable to Logjam attacks. That's why you're seeing the exact same error: the default list (when no cipher config string is set) has some DHE ciphers included in it.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!