Solved: Weak Ciphers Suites Enabled

former_member706793 · ‎2011 Jul 29

How to disable mentioned Ciphers suites in Portal ?

TLS_RSA_WITH_DES_CBC_SHA

Thanks

cathal_ohare · ‎2011 Aug 05

Hi All,

For the j2ee system, You can remove it via VisualAdmin tool -> dispatcher -> services ->

SSL Provider under the Cipher Suite tab.

Kind regards,

Cathal

mvoros · ‎2011 Aug 02

Hi,

you should be able to do it using parameter ssl/ciphersuites. It's for ABAP stack but it should work also for ICM of Java stack. More info about parameter can be here 510007. I think you can just modify profile in /usr/sap/<SID>/SYS/profile.

Cheers,

Martin

former_member706793 · ‎2011 Aug 02

Thanks Martin,

1.Where can i check the mentioned Ciphers in the server ?

2.This is how we configure 128 bit session key strength ?

- In work directory ( ssl/ciphersuites=129:HIGH ) ??

mvoros · ‎2011 Aug 03

1. Sorry, I wasn't clear. Check the OSS note 510007. SAP divides ciphers into some categories. All ciphers are listed in that OSS note.

2. That note also says how to set up that parameter.

cathal_ohare · ‎2011 Aug 05

Hi All,

For the j2ee system, You can remove it via VisualAdmin tool -> dispatcher -> services ->

SSL Provider under the Cipher Suite tab.

Kind regards,

Cathal

former_member706793 · ‎2011 Aug 05

Thanks Cathal.

I checked the portal & i didnt find "TLS_RSA_WITH_DES_CBC_SHA" under SSL Provider to remove.

cathal_ohare · ‎2011 Aug 15

That is strange as I see it on our own system, The Suites are not in alphabetical order though. Can you see other suites ok?

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Weak Ciphers Suites Enabled