topic Re: Weak Ciphers Suites Enabled in Application Development and Automation Discussions

Weak Ciphers Suites Enabled

former_member706793 — Fri, 29 Jul 2011 19:59:39 GMT

How to disable mentioned Ciphers suites in Portal ?

TLS_RSA_WITH_DES_CBC_SHA

Thanks

Re: Weak Ciphers Suites Enabled

mvoros — Tue, 02 Aug 2011 03:51:34 GMT

Hi,

you should be able to do it using parameter ssl/ciphersuites. It's for ABAP stack but it should work also for ICM of Java stack. More info about parameter can be here 510007. I think you can just modify profile in /usr/sap/<SID>/SYS/profile.

Cheers,

Martin

Re: Weak Ciphers Suites Enabled

former_member706793 — Tue, 02 Aug 2011 14:39:10 GMT

Thanks Martin,

1.Where can i check the mentioned Ciphers in the server ?

2.This is how we configure 128 bit session key strength ?

- In work directory ( ssl/ciphersuites=129:HIGH ) ??

Re: Weak Ciphers Suites Enabled

mvoros — Tue, 02 Aug 2011 23:54:20 GMT

1. Sorry, I wasn't clear. Check the OSS note 510007. SAP divides ciphers into some categories. All ciphers are listed in that OSS note.

2. That note also says how to set up that parameter.

Re: Weak Ciphers Suites Enabled

cathal_ohare — Fri, 05 Aug 2011 13:50:02 GMT

Hi All,

For the j2ee system, You can remove it via VisualAdmin tool -> dispatcher -> services ->

SSL Provider under the Cipher Suite tab.

Kind regards,

Cathal

Re: Weak Ciphers Suites Enabled

former_member706793 — Fri, 05 Aug 2011 14:00:15 GMT

Thanks Cathal.

I checked the portal & i didnt find "TLS_RSA_WITH_DES_CBC_SHA" under SSL Provider to remove.

Re: Weak Ciphers Suites Enabled

cathal_ohare — Mon, 15 Aug 2011 12:27:50 GMT

That is strange as I see it on our own system, The Suites are not in alphabetical order though. Can you see other suites ok?