I am trying to set up SSL/TLS for my weblogic admin console. Note this is not for the Weblogic Server but for the admin console.
I would like to specifically set the the admin console to only use TLS 1.2. Originally I thought that I could set it under setEnv and set the java_admin_options or something like that but I still was able to connect to it via SSlv3.
Also if possible can cipher suites be set for the admin console as well? I know how to set them for the regular server, but unsure on how to set them for for the admin server.
Best Answer
you can add the following line of code in commEnv.sh file.(i am using it on weblogic 12c)
This will only enable TLS on admin server as per requirement.
you can also try -Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.0 parameter in commEnv.sh file which will disable SSLv3.
You can change the cipher suites on admin server as mentioned below by adding it under ssl tab in config.xml
<server> <name>AdminServer</name> <ssl> <name>AdminServer</name> <enabled>true</enabled> <ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> <ciphersuite>TLS_RSA_WITH_AES_256_CBC_SHA</ciphersuite> <ciphersuite>TLS_RSA_WITH_3DES_EDE_CBC_SHA</ciphersuite> <ciphersuite>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</ciphersuite>