AE web service using ciphers no longer supported

book

Article ID: 14360

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent

Issue/Introduction

If i edit the server.xml file and remove the cipher 

TLS_DHE_DSS_WITH_AES_128_CBC_SHA, will it cause any issue during our upgrade?

 



We are currently experiencing an issue with the AE web service in clients are not able to connect

and getting a message of a weak hellman cipher, [SSL: SSL_NEGATIVE_LENGTH] dh key too small} . 

We are currently planning upgrades to the latest SP but will take some considerable time. 

What I am looking to  understand is if i edit the server.xml file and remove the cipher 

TLS_DHE_DSS_WITH_AES_128_CBC_SHA, will it cause any issue during our upgrade?

 

Environment

Release: ATSYHA99000-11.3.6-Workload Automation AE-High Availability Option
Component:

Resolution

Yes you can change the server.xml file before the upgrade. The problem is that when you upgrade, it 

will add it back in more than likely. You would need to repeat and remove it again after the upgrade.