Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

how to define secure protocol for clm applications communications

 



Our CLm setup is 6.0.5 version with bundled liberty profile and IHS as reverse proxy.

We have each applications  (JTS,CCM, QM, RM, LDX, LQE, RELM, JRS, DM, GC, DCC,) are installed in different servers and we are using oracle 12c as DATABASE server.


So now we have enable mutual ssl authentication between liberty Application servers and database servers. and created the tables.

Since we are using clm 6.0.5 with jdk i.8, and 

Jdbc Driver Name: Oracle JDBC driver
  Jdbc Driver Version: 12.1.0.1.0 , There are some vulnerable protocol to make the communication over ssl as per the sites.
  
How can we identify that which protocol are using in CLM applications for communication over ssl (DB or between other application) and how can set to use secure protocols for communications and what configurations need to be done.

0 votes

Comments

What is "vulnerable protocol"? Where did you read this? If you need help, provide the details. If you are talking about SSL protocols, TLSv1.2 is the most secure you can get.

 Hi Donald,


Please find the below link references.


in Clm 6.0.3 version we are using jdk 1.7 only which have many issues when enabling mutual authentication .

We are using bundled liberty for alm applications and where in the server.xml file the default protocol is set to "SSl" but where as in the server.startup file there are enabled sslv2. Also some default ciphersuits are mentioned in server.xml file.


How to identify what protocol and ciphersuit is using for clm applications and how to make the protocol to listen only secured protocol.



One answer

Permanent link

It seems that you are going in circles after asking all these questions related to SSL connections on this forum. You said that you're using JDK 1.8 and the two links that you provided mention JDK 1.7. How do you see they are related? If you want to verify the actual protocol being used in an SSL connection, capture the network traffic using either Wireshark (on Windows) or tcpdump (on Linux), and you can find it out by analyzing the network packets. If you don't know how to do that, ask a network engineer/administrator for help.

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 1,698
× 382

Question asked: Mar 29 '18, 2:49 a.m.

Question was seen: 2,295 times

Last updated: Apr 05 '18, 2:21 a.m.

Confirmation Cancel Confirm