1 Reply Latest reply on Oct 29, 2018 5:23 AM by sshriram09

    How to do Cipher Suites Enabled


      Hello Sir.


      Application server OS: windows server 2008 R2

      Application server Java version: jdk1.6.0_21

      Application server JBoss version:  JBoss Enterprise Application Platform 6


      I have installed the SSL certificate in application server, but using openssl to test the server show below alert, how can I fix the issues. Thanks a lot.


        • 1. Re: How to do Cipher Suites Enabled

          You can provide comma separated list of cipher suites by setting  "cipher-suite " attribute on ssl element for https connector.


          Get the list of supported ciphers by JDK and include in the list.


          <ssl key-alias="ssl"  cipher-suite="TLS_RSA_WITH_AES_256_CBC_SHA256,........" protocol="TLSv1.2," ........./>


          You can disable weak ciphers (RC4, DES, 3DES, EXPORT etc) in $JDK_HOME/jre/lib/security/java.security file in java 8


          jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DES, DESede, EXPORT, DH keySize < 2048


          I would recommend you to use to JDK 1.8 with latest release from EAP i.e 7.1.x