Google Chrome in it's latest update ( Version 48 ) stopped support for the RC4 Cipher. Which would mean that all Weblogic Installations with SSL implementation using this Cipher key will fail to load.
RC4 Cipher was used as a work around when last year during one of chrome's update Diffie-Hellman Public Key had expired. Now after the version 48 update, Google no longer considers the RC4 cipher as secure enough.
So when you access any page hosted on weblogic using the SSL implemented URL you will get the following error on screen,
ERROR_SSL_VERSION_OR_CIPHER_MISMATCH
The Client and Server don't support a common SSL protocol version or cipher suite. This is likely to be caused when server needs RC4, which is no longer considered secure.
The resolution for the same is to remove the RC4 Cipher key and add a new key that Google Chrome 48 supports the issue. A friend of mine has documented the resolution at his blog.
No comments:
Post a Comment