Related to CA Single Sign-On product, R12.5x, In CAPKI(ETPKI),
No impact since all EXPORT ciphers are disabled by default, however this can be changed by the embedding products through an API.
CAPKI has been upgraded to 5.1.0 in 12.52 SP1 CR06.
In CA SPS(Secure Proxy Server), OpenSSL is bundled. There may be impact.
However OpenSSL has been upgraded to 1.0.1p in 12.52 SP1 CR4.
For AdminUI, below is reported.
When using the Chrome or Firefox web browsers to connect to the CA SSO Administrative UI (WAMUI) the connection fails and the browsers return Diffie-Hellman key errors.
This issue is occurring in the default configuration of the underlying JBOSS application server, which is bundled with the WAMUI as the 'WAMUI-Prereq".
To resolve this JBOSS 'server.xml' will need to be manually modified.