Friday, July 11, 2014

WebLogic supported Cyphers

The list of possible strong cyphers is not that long:

    AES256-GCM-SHA384  TLSv1.2  Kx=RSA  Au=RSA  Enc=AESGCM(256)  Mac=AEAD
    AES256-SHA256      TLSv1.2  Kx=RSA  Au=RSA  Enc=AES(256)     Mac=SHA256
    AES128-GCM-SHA256  TLSv1.2  Kx=RSA  Au=RSA  Enc=AESGCM(128)  Mac=AEAD
    AES128-SHA256      TLSv1.2  Kx=RSA  Au=RSA  Enc=AES(128)     Mac=SHA256
    AES256-SHA         SSLv3    Kx=RSA  Au=RSA  Enc=AES(256)     Mac=SHA1
    DES-CBC3-SHA       SSLv3    Kx=RSA  Au=RSA  Enc=3DES(168)    Mac=SHA1
    AES128-SHA         SSLv3    Kx=RSA  Au=RSA  Enc=AES(128)     Mac=SHA1


and they are all supported by most popular Content Delivery appliances.

According to the Oracle documentation, WebLogic supports SSL3 and TLS1. You can restrict the protocols with the two properties weblogic.security.SSL.protocolVersion and weblogic.security.SSL.minimumProtocolVersion (funnily, it seems that the property value is spelled slightly differently in the two properties).

Interestingly it seems that support for TLS version > 1.0 is available only with Java 7.

So if you run on Java 6, the only option available is using SSL3.

WebLogic these days supports only the "JSSE-based SSL implementation", and the Cypher Suites are listed here for Java 6 and Java 7.
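To see what the JSSE provider of a given JVM actually offers for the seven suites above, the following added example (not code from the original post or from Oracle) prints the supported and enabled protocols and the state of each suite. The class name JsseSuiteCheck and the OpenSSL-to-JSSE name mapping are additions made here, and the program inspects the JVM's default SSLContext, not the configuration of a running WebLogic server.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Added example: reports what the JSSE provider of the running JVM offers
// for the seven suites listed in the post. Class name is hypothetical.
public class JsseSuiteCheck {

    // OpenSSL name (as in the post) -> standard TLS_ suite name.
    static Map<String, String> suitesFromPost() {
        Map<String, String> m = new LinkedHashMap<String, String>();
        m.put("AES256-GCM-SHA384", "TLS_RSA_WITH_AES_256_GCM_SHA384");
        m.put("AES256-SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256");
        m.put("AES128-GCM-SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256");
        m.put("AES128-SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256");
        m.put("AES256-SHA", "TLS_RSA_WITH_AES_256_CBC_SHA");
        m.put("DES-CBC3-SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA");
        m.put("AES128-SHA", "TLS_RSA_WITH_AES_128_CBC_SHA");
        return m;
    }

    // Some JSSE providers report a suite under an SSL_ prefix instead of TLS_.
    static boolean contains(Set<String> suites, String tlsName) {
        return suites.contains(tlsName)
            || suites.contains("SSL_" + tlsName.substring("TLS_".length()));
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        SSLParameters supported = ctx.getSupportedSSLParameters();
        SSLParameters enabled = ctx.getDefaultSSLParameters();
        System.out.println("java.version        = " + System.getProperty("java.version"));
        System.out.println("supported protocols = " + Arrays.toString(supported.getProtocols()));
        System.out.println("enabled protocols   = " + Arrays.toString(enabled.getProtocols()));

        Set<String> sup = new HashSet<String>(Arrays.asList(supported.getCipherSuites()));
        Set<String> en = new HashSet<String>(Arrays.asList(enabled.getCipherSuites()));
        for (Map.Entry<String, String> e : suitesFromPost().entrySet()) {
            String state = contains(en, e.getValue()) ? "enabled"
                         : contains(sup, e.getValue()) ? "supported, not enabled"
                         : "not available";
            System.out.printf("%-18s %-34s %s%n", e.getKey(), e.getValue(), state);
        }
    }
}
```

Run it with the same JDK that starts the WebLogic server, so the output reflects the JSSE version the server will use.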
