AE web service using ciphers no longer supported

Document ID : KB000014360
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

If i edit the server.xml file and remove the cipher 

TLS_DHE_DSS_WITH_AES_128_CBC_SHA, will it cause any issue during our upgrade?

 

Question:

We are currently experiencing an issue with the AE web service in clients are not able to connect

and getting a message of a weak hellman cipher, [SSL: SSL_NEGATIVE_LENGTH] dh key too small} . 

We are currently planning upgrades to the latest SP but will take some considerable time. 

What I am looking to  understand is if i edit the server.xml file and remove the cipher 

TLS_DHE_DSS_WITH_AES_128_CBC_SHA, will it cause any issue during our upgrade?

 

Answer:

Yes you can change the server.xml file before the upgrade. The problem is that when you upgrade, it 

will add it back in more than likely. You would need to repeat and remove it again after the upgrade.