Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Disable CBC3 ciphers in Application Server 10.1.2

524918Sep 4 2012

A PCI security scan failed and reported that I need to disable block ciphers (AES and CBC3). Have tried removing using the apache SSLCipherSuite directive in my ssl.conf file but a server scan still shows EDH-RSA-DES-CBC3-SHA as the default cipher. I believe it may be coming from Oracle Web Chache.

Is there a way to disable AES and CBC3 ciphers in Web Cache 10.1.2.x?

Locked Post

New comments cannot be posted to this locked post.

Locked on Oct 2 2012

Added on Sep 4 2012

#application, #application-servers, #cache, #oracle-application-server-general, #security, #server, #ssl, #web

0 comments

278 views