How can I check and change the current SSL protocol and cipher suites used in R12.7 AdminUI?

Document ID : KB000016681
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

We have installed AdminUI and we use HTTPS to access it, but we would like to check which SSL protocol and which cipher suites are enabled by default as we would like to adjust them, and we noticed this has changed in R12.7. How we can check this?

Environment:
AdminUI R12.7
Answer:

You can check these details in the standalone-full.xml file, located under the /standalone/configuration folder in your AdminUI installation path, in the https-listener configuration. This is the default configuration:

<https-listener enabled-cipher-suites="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA" enabled-protocols="TLSv1.1,TLSv1.2" name="https" security-realm="SSLRealm" socket-binding="https"/>

Ā 

Additional Information: