cancel
Showing results for 
Search instead for 
Did you mean: 

How to change OnPremise Solr SSL/TLS WEAK Cipher Suites

SAPSupport
Employee
Employee
0 Kudos

On latest vulnerability report, it was identified that some WEAK ciphersSuites were been enabled from Solr side in OnPremise infrastructure.

  • The SSL/TLS server configuration should only allow strong key exchanges that provide at least 112 bits of security, which translates to a minimum key size of 2048 bits for Diffie Hellman and RSA key exchanges or 224 bits for Elliptic Curve Diffie Hellman key exchanges.
  • The Identified WEAK cipherSuites should be restricted/removed from the enabled list.

How can we change these settings and restrict the use of the mentioned cipherSuites above from Solr's perspective?


------------------------------------------------------------------------------------------------------------------------------------------------
Learn more about the SAP Support user and program here.

Accepted Solutions (1)

Accepted Solutions (1)

SAPSupport
Employee
Employee
0 Kudos

For Solr perspective, the control of the implemented cipherSuites would be performed from Jetty level.

Please refer to Jetty official documentation on the subject, with the specific steps for this request:

Answers (0)