It's all about the answers!

Ask a question

how to define secure protocol for clm applications communications


vowner owner (25834) | asked Mar 29 '18, 2:49 a.m.

 



Our CLm setup is 6.0.5 version with bundled liberty profile and IHS as reverse proxy.

We have each applications  (JTS,CCM, QM, RM, LDX, LQE, RELM, JRS, DM, GC, DCC,) are installed in different servers and we are using oracle 12c as DATABASE server.


So now we have enable mutual ssl authentication between liberty Application servers and database servers. and created the tables.

Since we are using clm 6.0.5 with jdk i.8, and 

Jdbc Driver Name: Oracle JDBC driver
  Jdbc Driver Version: 12.1.0.1.0 , There are some vulnerable protocol to make the communication over ssl as per the sites.
  
How can we identify that which protocol are using in CLM applications for communication over ssl (DB or between other application) and how can set to use secure protocols for communications and what configurations need to be done.


Comments
Donald Nong commented Mar 30 '18, 3:50 a.m.

What is "vulnerable protocol"? Where did you read this? If you need help, provide the details. If you are talking about SSL protocols, TLSv1.2 is the most secure you can get.


vowner owner commented Apr 02 '18, 12:30 a.m.

 Hi Donald,


Please find the below link references.


in Clm 6.0.3 version we are using jdk 1.7 only which have many issues when enabling mutual authentication .

We are using bundled liberty for alm applications and where in the server.xml file the default protocol is set to "SSl" but where as in the server.startup file there are enabled sslv2. Also some default ciphersuits are mentioned in server.xml file.


How to identify what protocol and ciphersuit is using for clm applications and how to make the protocol to listen only secured protocol.

One answer



permanent link
Donald Nong (14.5k614) | answered Apr 05 '18, 2:21 a.m.

It seems that you are going in circles after asking all these questions related to SSL connections on this forum. You said that you're using JDK 1.8 and the two links that you provided mention JDK 1.7. How do you see they are related? If you want to verify the actual protocol being used in an SSL connection, capture the network traffic using either Wireshark (on Windows) or tcpdump (on Linux), and you can find it out by analyzing the network packets. If you don't know how to do that, ask a network engineer/administrator for help.

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.