Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Weak Ciphers on Web Dispatchers

Former Member

‎01-08-2013 6:40 PM

0 Kudos

Hi,

our Web dispatcher is in DMZ to communicate our portal securely through HTTPS.

we did some scans and it revealed that there are some weak ciphers enabled. i checked sap note 510007 point 6 and decided to add the parameter in web dispatcher profile.

ssl/ciphersuites=LOW

could you please check & confirm if that is enough or add any other parameters ?

4 REPLIES 4

Former Member

‎01-08-2013 6:49 PM

0 Kudos

By setting that parameter, you made the security worse. If you want the highest level of security you have to set the parameter to HIGH. Depending on the NetWeaver version, the default setting of ciphersuite includes LOW and EXPORT which you can omit.

You should test with all browsers, devices and operating systems before committing to a specific value for ciphersuite.

Former Member
In response to Former Member

‎01-08-2013 6:54 PM

0 Kudos

yes , i was just reading the note again. so i am going to use. is that ok ?

ssl/ciphersuites= HIGH:MEDIUM


Former Member
In response to Former Member

‎01-08-2013 6:56 PM

0 Kudos

Yes but make note on what I wrote about compatibility. Restricting the ciphers too much might render your application inaccessible to some devices.

Former Member
In response to Former Member

‎01-08-2013 7:00 PM

0 Kudos

our web dispatcher version in on 640.