Oracle Weblogic Server (MOSC)

SSL Medium Strength Cipher Suites Supported (SWEET32) on Weblogic Server

We have been informed by the IT Security team that our Weblogic server is vulnerable to the captioned issue. We have tried to modify the Java security configuration and the OpenSSL configuration file to see if this alert would go away. Unfortunately, the alert still occurs after the changes. Here is what I have done.

ssl.conf

SSLProtocol -ALL -SSLv3 -TLSv1 +TLSv1.2

SSLCipherSuite HIGH:!ECDHE-ECDSA-AES128-GCM-SHA256:!ECDHE-RSA-AES128-GCM-SHA256:!ECDHE-ECDSA-AES256-GCM-SHA384:!ECDHE-RSA-AES256-GCM-SHA384:!ECDHE-ECDSA-CHACHA20-POLY1305:!ECDHE-RSA-CHACHA20-POLY1305:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384

Please suggest whether any more configuration is needed. I have also searched Google and seen some suggestions to add a value to the Java startup scripts. If that's true, should I add them to each server's startup parameters? Or can I add them to a Java configuration that applies globally?
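SWEET32 concerns cipher suites built on a 64-bit block cipher (3DES, DES, IDEA, RC2). The following check is an added example, not part of the original post or of any Oracle tooling: it classifies suite names in both OpenSSL and IANA/JSSE spelling and tests whether a cipher string's explicit removals name any such cipher. The `SCAN` list and all function names are constructed for illustration.

```python
import re

# Name tokens for ciphers with a 64-bit block, the property SWEET32 relies on.
_BLOCK64_TOKEN = re.compile(r"3DES|DES\d*|IDEA|RC2")

def is_64bit_block(name: str) -> bool:
    """True for OpenSSL-style (DES-CBC3-SHA) or IANA/JSSE-style
    (TLS_RSA_WITH_3DES_EDE_CBC_SHA) names that use a 64-bit block cipher."""
    tokens = re.split(r"[-_+]", name.upper())
    return any(_BLOCK64_TOKEN.fullmatch(t) for t in tokens)

def flag_sweet32(suites):
    """Return the suites from a scan result that are in SWEET32 scope."""
    return [s for s in suites if is_64bit_block(s)]

def removed_entries(cipher_string: str):
    """Entries that an OpenSSL-style cipher string removes with '!' or '-'."""
    return [e[1:] for e in cipher_string.split(":") if e[:1] in ("!", "-")]

def removes_64bit_block(cipher_string: str) -> bool:
    """True if at least one removed entry names a 64-bit block cipher.
    Only explicit names are inspected; aliases such as HIGH are not expanded."""
    return any(is_64bit_block(e) for e in removed_entries(cipher_string))

# The SSLCipherSuite value quoted in the post above.
POSTED = (
    "HIGH:!ECDHE-ECDSA-AES128-GCM-SHA256:!ECDHE-RSA-AES128-GCM-SHA256:"
    "!ECDHE-ECDSA-AES256-GCM-SHA384:!ECDHE-RSA-AES256-GCM-SHA384:"
    "!ECDHE-ECDSA-CHACHA20-POLY1305:!ECDHE-RSA-CHACHA20-POLY1305:"
    "!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384"
)

# Constructed scan result (not from the page), mixing both naming styles.
SCAN = [
    "ECDHE-RSA-AES256-SHA384",
    "DES-CBC3-SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "ECDHE-RSA-DES-CBC3-SHA",
]

if __name__ == "__main__":
    print("removals name a 64-bit block cipher:", removes_64bit_block(POSTED))
    for suite in flag_sweet32(SCAN):
        print("in SWEET32 scope:", suite)
```

To see what a cipher string actually expands to on a given host, `openssl ciphers -v '<string>'` lists the resulting suites, and that output can be fed to `flag_sweet32`.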
