Error Cause : As weblogic deployed oam_server1’s SSL is below SSL 3.0 standard, so the new browsers(recognize SSL 3.0 onwards) will throw below error :
Solution :
- Login to admin console, click on oam_server1 => SSL => Advanced
2. Select the Use JSSE SSL
Restart AdminServer and oam_server1 and verify the SSL is now 3.0
If Still issue continues with error :
Error Cause :SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message
Solution :
Add green selected ciphersuites in config.xml
cd /d01/Weblogic/FMW/user_projects/domains/OAMDomain/config
vi config.xml
<ssl>
<name>oam_server1</name>
<enabled>true</enabled>
<ciphersuite>TLS_RSA_WITH_RC4_128_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_RC4_128_MD5</ciphersuite>
<ciphersuite>SSL_RSA_WITH_RC4_128_MD5</ciphersuite>
<ciphersuite>SSL_RSA_WITH_RC4_128_SHA</ciphersuite>
<ciphersuite>SSL_RSA_WITH_3DES_EDE_CBC_SHA</ciphersuite>
<ciphersuite>SSL_RSA_WITH_DES_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
Restart AdminServer and oam_server1.
0 responses on "OAM, X509, SSL Issue : SSL server probably obsolete or SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message"