how to define secure protocol for clm applications communications
Our CLm setup is 6.0.5 version with bundled liberty profile and IHS as reverse proxy.
We have each applications (JTS,CCM, QM, RM, LDX, LQE, RELM, JRS, DM, GC, DCC,) are installed in different servers and we are using oracle 12c as DATABASE server.
So now we have enable mutual ssl authentication between liberty Application servers and database servers. and created the tables.
Since we are using clm 6.0.5 with jdk i.8, and
Jdbc Driver Name: Oracle JDBC driver
Jdbc Driver Version: 12.1.0.1.0 , There are some vulnerable protocol to make the communication over ssl as per the sites.
How can we identify that which protocol are using in CLM applications for communication over ssl (DB or between other application) and how can set to use secure protocols for communications and what configurations need to be done.
One answer
It seems that you are going in circles after asking all these questions related to SSL connections on this forum. You said that you're using JDK 1.8 and the two links that you provided mention JDK 1.7. How do you see they are related? If you want to verify the actual protocol being used in an SSL connection, capture the network traffic using either Wireshark (on Windows) or tcpdump (on Linux), and you can find it out by analyzing the network packets. If you don't know how to do that, ask a network engineer/administrator for help.
Comments
Donald Nong
Mar 30 '18, 3:50 a.m.What is "vulnerable protocol"? Where did you read this? If you need help, provide the details. If you are talking about SSL protocols, TLSv1.2 is the most secure you can get.
vowner owner
Apr 02 '18, 12:30 a.m.Hi Donald,