Where is the secure protocol defined for EEM, and how can we control the ciphers that are used for these secure connections?
Release:
Component: ETEIAM 12.5.1 CR04 and later
The protocol and ciphers are controlled in the igateway.conf file located here:
%IGW_LOC% or $IGW_LOC
To set the TLS protocol, search in the file for secureProtocol and modify that line as follows:
<secureProtocol>TLSV1_1</secureProtocol>
or
<secureProtocol>TLSV1_2</secureProtocol>
Next search the file for cipherlist and modify that line as follows:
<cipherlist></cipherlist>
You might set the values as -ALL:HIGH:MEDIUM:!RC4 so that it would look like
<cipherlist>-ALL:HIGH:MEDIUM:!RC4</cipherlist>
The list of supported ciphers for EEM are:
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DES-CBC3-SHA
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
AES128-SHA
RC4-SHA
RC4-MD5
Changes to the igateway.conf file require a restart of igateway.
Settings are only valid for EEM version 12.5.1 CR04 and later