Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Encryption Vulnerability Security SCAN DS

807573Mar 12 2008 — edited Mar 12 2008

I created DS instances. While running security scan for Encryption Vulnerability I found out that following ports are supporting weak SSL.

port 636/tcp over SSL
port 11163/tcp over SSL
port 32772/tcp over SSL
port 3999/tcp over SSL
port 1636/tcp over SSL
How to Disable ciphers which support cleartext communication. Or what is fix for this.

Thanks
Pramod

Anuj Dwivedi-Oracle

Hi kamil,

Your question is not very clear. If I understood right, then you are talking about the scenario when Oracle B2B sends message to it's remote TP(outbound case) and Remote TP's server has client authentication enabled.

If above is the case, then you just enable SSL at your B2B by following below link and rest would be done at the runtime -

http://www.b2bgurus.com/2007/08/ssl-setup-for-oracle-as-b2b.html

If you want to enable client authentication at your B2B server, then please refer SSL Client Authentication section of below doc -

http://www.oracle.com/technology/products/integration/b2b/pdf/B2B_TN_023_SSL.pdf

Note :- By default client authentication remains turned off.

Regards,
Anuj

Edited by: Anuj Dwivedi, Infosys on Aug 6, 2009 6:27 PM

1 - 1

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 9 2008

Added on Mar 12 2008

#identity-management, #oracle-unified-directory-oud-oracle-directory-server-enterprise-edition-sun-dsee

2 comments

240 views

Security Software

Encryption Vulnerability Security SCAN DS

Comments

Post Details