DevTest 10.3.0 - Security Vulnerability - Weak RSA Key less than 2048

Document ID : KB000112660
Last Modified Date : 31/08/2018
Show Technical Document Details
Issue:
DevTest security vulnerability, Weak RSA Key less than 2048, on DevTest 10.3 server. 
Resolution:
1. Add this entry to every .vmoptions file:

-Dhttps.protocols=TLSv1.2

2. Add this properties to the site.properties file of where the Registry is running:

lisa.server.https.cipher.suites=TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256

3. Update this file DEVTEST_HOME/jre/lib/java.security, change property to this value:

jdk.tls.disabledAlgorithms=TLSv1, MD5, SSLv3, SSLv2, DSA, DESede, DES, RSA keySize < 2048 Restart all of your DevTest components and re-scan.