After upgrading to 25.1 the server.xml missing cipher=
search cancel

After upgrading to 25.1 the server.xml missing cipher=

book

Article ID: 424960

calendar_today

Updated On:

Products

Data Loss Prevention Core Package

Issue/Introduction

after upgrading to 25.1 from RU2 the server.xml changed. 

Environment

In 25.1 the cipher= section has been removed.
            <SSLHostConfig certificateVerification="none" revocationEnabled="false" sslProtocol="TLS" truststoreFile="${catalina.b
ase}/conf/truststore.jks" truststorePassword="protect">
                <Certificate certificateKeystoreFile="${catalina.base}/conf/.keystore" certificateKeystorePassword="XXXXXXXXXX"/>
            </SSLHostConfig>
16.0.2 default:
            <SSLHostConfig certificateVerification="none" ciphers="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" protocols="TLSv1.2" revocationEnabled="false" sslProtocol="TLS" truststoreFile="${catalina.base}/conf/truststore.jks" truststorePassword="protect">
                <Certificate certificateKeystoreFile="${catalina.base}/conf/.keystore" certificateKeystorePassword="XXXXXXXXX"/>
            </SSLHostConfig>

Resolution

In 25.1 the protocol used is TLS 1.3 and the cipher suites are limited to what is available in TLS 1.3

Powered by Wolken Software