0 Replies Latest reply: May 7, 2012 9:19 AM by user10301737 RSS

    Oracle HTTP Server 11.1.1.6 and Sun System Webserver 7

    user10301737
      I need to be able to make a secure proxy connection from Oracle HTTP server 11.1.1.6 to Sun System Webserver 7. Our organization requires that we use TLS to communicate over SSL. I can't seem to get TLS working just SSLV3. Has anyone got this working?? My configuration is below.


      Oracle HTTP Server 11.1.1.6:

      <IfModule mod_weblogic.c>
      Debug ON
      Debug ALL
      WLLogFile E:/temp/wlproxy.log
      SecureProxy On
      WlSSLWallet "${ORACLE_INSTANCE}/config/OHS/ohs6/proxy-wallet"
      KeepAliveEnabled OFF
      DebugConfigInfo ON
      #DynamicServerList off
      #WLProxySSL ON
      #WLProxySSLPassThrough ON
      SSLProtocol nzos_Version_1_0 nzos_Version_3_0_With_2_0_Hello nzos_Version_3_0
      SSLCipherSuite TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,TLS_RSA_EXPORT1024_WITH_RCA_56_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

      </IfModule>

      Sun System Webserver 7:

      <ssl>
      <server-cert-nickname>cert-REDSLSAVM106136.BUSAPPS.logsa.army.mil</server-cert-nickname>
      <ssl3>false</ssl3>
      <tls>true</tls>
      <ssl2-ciphers />
      - <ssl3-tls-ciphers>
      <SSL_RSA_WITH_DES_CBC_SHA>true</SSL_RSA_WITH_DES_CBC_SHA>
      <SSL_RSA_EXPORT_WITH_RC4_40_MD5>true</SSL_RSA_EXPORT_WITH_RC4_40_MD5>
      <SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5>true</SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5>
      <SSL_RSA_FIPS_WITH_DES_CBC_SHA>true</SSL_RSA_FIPS_WITH_DES_CBC_SHA>
      <TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA>true</TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA>
      <TLS_ECDHE_RSA_WITH_RC4_128_SHA>true</TLS_ECDHE_RSA_WITH_RC4_128_SHA>
      <TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA>true</TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA>
      <TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA>true</TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA>
      <TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>true</TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA>
      <TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>true</TLS_RSA_EXPORT1024_WITH_RC4_56_SHA>
      </ssl3-tls-ciphers>
      </ssl>