Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Getting OHS to use NULL-SHA cipher

618756Jan 21 2008

I have been trying to get OHS to do TLS using the NULL-SHA cipher, but I have not been successful. I'm doing the following:

1. Set the SSLCipherSuite directive in ssl.conf to be "ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:eNULL", which according to the "openssl ciphers -v 'ALL:!ADH:!EXPORT56:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP'" command includes the NULL-SHA cipher.

2. Restart OHS

3. Try connecting to the machine via openssl's s_client command:
openssl s_client -connect myserver.oracle.com:443 -cert client.cert.pem -key client.key.pem -debug -cipher NULL-SHA -CAfile server.cert.pem

Step #3 fails, but if I change NULL-SHA to AES128-SHA, then it works. Moreover, it also works if I remove the "-cipher" directive.

I suspect that there is some security setting that prevents OHS from using the NULL-SHA cipher, but I have no idea where this security setting is. Any idea how I can get my OHS to use the NULL-SHA cipher?

Locked Post

New comments cannot be posted to this locked post.

Locked on Feb 18 2008

Added on Jan 21 2008

#application-servers, #oracle-application-server-general

0 comments

401 views