CA Embedded Entitlements Manager: Available ciphers for the new cipherlist tag
search cancel

CA Embedded Entitlements Manager: Available ciphers for the new cipherlist tag

book

Article ID: 46312

calendar_today

Updated On:

Products

Email

Issue/Introduction

Where is the secure protocol defined for EEM, and how can we control the ciphers that are used for these secure connections?

Environment

Release:
Component: ETEIAM 12.5.1 CR04 and later

Resolution

The protocol and ciphers are controlled in the igateway.conf file located here:
%IGW_LOC%  or  $IGW_LOC

To set the TLS protocol, search in the file for secureProtocol and modify that line as follows:

<secureProtocol>TLSV1_1</secureProtocol>

or

<secureProtocol>TLSV1_2</secureProtocol>

Next search the file for cipherlist and modify that line as follows:

<cipherlist></cipherlist>    

You might set the values as  -ALL:HIGH:MEDIUM:!RC4  so that it would look like

<cipherlist>-ALL:HIGH:MEDIUM:!RC4</cipherlist>   

The list of supported ciphers for EEM are:

DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DES-CBC3-SHA
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
AES128-SHA
RC4-SHA
RC4-MD5  

Changes to the igateway.conf file require a restart of igateway. 

Additional Information

Settings are only valid for EEM version 12.5.1 CR04 and later