Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Virtualization Manager (VMAN) > Cipher error after applying RC4 third-party SSL certificate

Cipher error after applying RC4 third-party SSL certificate

Created by Roger Lofamia, last modified by MindTouch on Jun 23, 2016

Views: 200 Votes: 0 Revisions: 3

Overview

This article provides information and recommendation for the Cipher error after applying a RC4 third-party SSL certificate.

Environment

VMAN 6.3.1

Cause 

This issue is related to a JAVA vulnerability with RC4 Cipher suite. RC4 Cipher Suite is considered a weak Cipher algorithim by industry standards and was removed in JAVA version 1.8.0_60 and above. See article below:


https://support.blancco.com/index.ph...-communication


If you generated a certificate using RC4 Cipher algorithm, this will cause the Cipher error when accessing VMAN via SSL (port 8443). See sample error below:


cmmq0015 uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH

 

VMAN 6.3.1 JAVA version does not support RC4 Cipher suite as per the JAVA.

Resolution

Generate a certificate that VMAN Cipher suite supports. See the following list of Cipher suites supported:

  • <value>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</value>
  • <value>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</value>
  • <value>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</value>
  • <value>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</value>
  • <value>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</value>
  • <value>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</value>
  • <value>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</value>
  • <value>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</value>
  • <value>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</value>
  • <value>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</value>
  • <value>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</value>

 

Note: A simple RSA_SHA (SHA256withRSA) is supported and commonly used.

Last modified
04:07, 23 Jun 2016

Tags

Classifications

Public