How can I check and change the current SSL protocol and cipher suites used in R12.7 AdminUI?

book

Article ID: 16681

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



We have installed AdminUI and we use HTTPS to access it, but we would like to check which SSL protocol and which cipher suites are enabled by default as we would like to adjust them, and we noticed this has changed in R12.7. How we can check this?

Environment

AdminUI R12.7, R12.8, and R12.52SP2

Resolution

You can check these details in the standalone-full.xml file, located under the /standalone/configuration folder in your AdminUI installation path, in the https-listener configuration. This is the default configuration:

<https-listener enabled-cipher-suites="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA" enabled-protocols="TLSv1.1,TLSv1.2" name="https" security-realm="SSLRealm" socket-binding="https"/>

 

Additional Information

TLS Protocols supported by AdminUI R12.7