1 Chnage TLS Cipher suites with ./oggServiceConfig
https://github.com/oracle/docker-images/tree/master/OracleGoldenGate/bin
[oracle@scrbcdhnl006918 conf]$ pwd
/u02/ogg/TICOGG/var/lib/conf
[oracle@scrbcdhnl006918 conf]$ more adminsrvr-config.dat |python -m json.tool
“cipherSuites”: [
“TLS_RSA_WITH_AES_256_CBC_SHA”,
“TLS_RSA_WITH_AES_128_CBC_SHA”,
“SSL_RSA_WITH_RC4_128_SHA”,
“SSL_RSA_WITH_RC4_128_MD5”,
“SSL_RSA_WITH_3DES_EDE_CBC_SHA”
],
oracle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/var/lib/conf % more adminsrvr-config.dat |python -m json.tool
“cipherSuites”: [
“TLS_RSA_WITH_AES_256_CBC_SHA”,
“TLS_RSA_WITH_AES_128_CBC_SHA”,
“SSL_RSA_WITH_RC4_128_SHA”,
“SSL_RSA_WITH_RC4_128_MD5”,
“SSL_RSA_WITH_3DES_EDE_CBC_SHA”
],
1.1 Change TLS Cipher suites of adminsrvr
oracle@linuxvm01:/home/oracle % export http_proxy=”
oracle@linuxvm01:/home/oracle % export https_proxy=”
oracle@linuxvm01:/home/oracle % ./oggServiceConfig https://linuxvm01:18100 LOCAL adminsrvr –user oggadmin –password Oracle1! –path /securityDetails/network/inbound/cipherSuites –value ‘[ “TLS_RSA_WITH_AES_128_CBC_SHA256”, “TLS_RSA_WITH_AES_256_CBC_SHA256” ]’
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
InsecureRequestWarning)
Current value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/adminsrvr” is <not defined>.
Setting new value and restarting service.
New value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/adminsrvr” is
[
“TLS_RSA_WITH_AES_128_CBC_SHA256”,
“TLS_RSA_WITH_AES_256_CBC_SHA256”
].
OGG (not connected) 1> connect https://linuxvm01:18100 as oggadmin password Oracle1!
Using default deployment ‘LOCAL’
OGG (https://linuxvm01:18100 LOCAL) 2> info all
Program Status Group Lag at Chkpt Time Since Chkpt
ADMINSRVR RUNNING
DISTSRVR RUNNING
PMSRVR RUNNING
RECVSRVR RUNNING
OGG (https://linuxvm01:18100 LOCAL) 3> stop deployment *
Deployment ‘LOCAL’ was stopped
OGG (https://linuxvm01:18100 LOCAL) 4> info all
Program Status Group Lag at Chkpt Time Since Chkpt
ADMINSRVR STOPPED
DISTSRVR STOPPED
PMSRVR STOPPED
RECVSRVR STOPPED
OGG (https://linuxvm01:18100 LOCAL) 5> start deployment *
Deployment ‘LOCAL’ was started
OGG (https://linuxvm01:18100 LOCAL) 6>
2019-04-16 15:51:14 INFO OGG-01851 filecaching started: thread ID: 140540492375808.
2019-04-16 15:51:14 INFO OGG-01815 Virtual Memory Facilities for: COM
anon alloc: mmap(MAP_ANON) anon free: munmap
file alloc: mmap(MAP_SHARED) file free: munmap
target directories:
/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/temp/.
oracle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/conf % more adminsrvr-config.dat
% more adminsrvr-config.dat |python -m json.tool
{“config”:{“asynchronousOperationEnabled”:true,”authorizationDetails”:{“common”:{“allow”:[“Basic”,”x-Cert”]},”movingExpirationWindowSecs”:900,”sessionDurationSecs”:3600
,”useMovingExpirationWindow”:true},”authorizationEnabled”:true,”configHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/etc/conf/”,”contentUrlR
ewrite”:”/$=/services/v2/content/index.html,/index.html=/services/v2/content/index.html,/content/$=/services/v2/content/index.html,/content$=/services/v2/content/index.
html,/content/=/services/v2/content/,/favicon.ico$=/services/v2/content/css/images/favicon.ico,/css/=/services/v2/content/css/,/js/=/services/v2/content/js/”,”defaultSy
nchronousWait”:30,”deploymentHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/”,”legacyProtocolEnabled”:true,”network”:{“serviceListeningPort”:16101},”pathToDocRoot”:”/ogg_
home/app/oracle/oggma/12.3.0.1.4/lib/htdocs/adminsrvr”,”security”:true,”securityDetails”:{“network”:{“common”:{“authMode”:”clientOptional_server”,”blockSize”:4096,”cert
ACL”:[{“name”:”ANY “,”permission”:”allow”}],”cipherSuites”:[“TLS_RSA_WITH_AES_256_CBC_SHA”,”TLS_RSA_WITH_AES_128_CBC_SHA”,”SSL_RSA_WITH_RC4_128_SHA”,”SSL_RSA_WITH_RC4_1
28_MD5″,”SSL_RSA_WITH_3DES_EDE_CBC_SHA”],”crlEnabled”:false,”crlStore”:”file:”,”id”:”OracleSSL”,”protocolVersion”:”1_2_Or_1_1_Or_1_0_Or_3_0″,”role”:”server”,”wrl”:”file
:./etc/ssl/Deploy1/Server”},”inbound”:{“cipherSuites”:[“TLS_RSA_WITH_AES_128_CBC_SHA256″,”TLS_RSA_WITH_AES_256_CBC_SHA256″],”role”:”server”,”wrl”:”file:/ogg/app/or
acle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/etc/ssl/linuxvm01″,”wrlPassword”:””},”outbound”:{“role”:”client”,”wrl”:”file:/ogg/app/oracle/oggma/12.3.0
.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/etc/ssl/oggmadistsrvr”,”wrlPassword”:””}}},”serverID”:”aed681bc-8440-4618-976f-0a3f20190e5e”,”serverIDShortLabel”:”rtaBvIRARhiXbwo/IB
kOXg”,”storeHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/conf/”,”taskManagerEnabled”:true,”workerThreadCount”:5}
}
1.2 Change TLS Cipher suites of distsrvr
./oggServiceConfig https://linuxvm01:18100 LOCAL distsrvr –user oggadmin –password Oracle1! –path /securityDetails/network/inbound/cipherSuites –value ‘[ “TLS_RSA_WITH_AES_128_CBC_SHA256”, “TLS_RSA_WITH_AES_256_CBC_SHA256” ]’
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
InsecureRequestWarning)
Current value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/distsrvr” is <not defined>.
Setting new value and restarting service.
New value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/distsrvr” is
[
“TLS_RSA_WITH_AES_128_CBC_SHA256”,
“TLS_RSA_WITH_AES_256_CBC_SHA256”
].
1.3 Change TLS Cipher suites of recvsrvr
./oggServiceConfig https://linuxvm01:18100 LOCAL recvsrvr –user oggadmin –password Oracle1! –path /securityDetails/network/inbound/cipherSuites –value ‘[ “TLS_RSA_WITH_AES_128_CBC_SHA256”, “TLS_RSA_WITH_AES_256_CBC_SHA256” ]’
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
InsecureRequestWarning)
Current value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/recvsrvr” is <not defined>.
Setting new value and restarting service.
New value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/recvsrvr” is
[
“TLS_RSA_WITH_AES_128_CBC_SHA256”,
“TLS_RSA_WITH_AES_256_CBC_SHA256”
].
cle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/var/lib/conf % grep -i TLS_RSA_WITH_AES_128_CBC_SHA256 adminsrvr-config.da
{“config”:{“asynchronousOperationEnabled”:true,”authorizationDetails”:{“common”:{“allow”:[“Basic”,”x-Cert”]},”movingExpirationWindowSecs”:900,”sessionDurationSecs”:3600,”useMovingExpirationWindow”:true},”authorizationEnabled”:true,”configHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/etc/conf/”,”contentUrlRewrite”:”/$=/services/v2/content/index.html,/index.html=/services/v2/content/index.html,/content/$=/services/v2/content/index.html,/content$=/services/v2/content/index.html,/content/=/services/v2/content/,/favicon.ico$=/services/v2/content/css/images/favicon.ico,/css/=/services/v2/content/css/,/js/=/services/v2/content/js/”,”defaultSynchronousWait”:30,”deploymentHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/”,”legacyProtocolEnabled”:true,”network”:{“serviceListeningPort”:16001},”pathToDocRoot”:”/ogg/app/oracle/oggma/12.3.0.1.4/lib/htdocs/adminsrvr”,”security”:true,”securityDetails”:{“network”:{“common”:{“authMode”:”clientOptional_server”,”blockSize”:4096,”certACL”:[{“name”:”ANY “,”permission”:”allow”}],”cipherSuites”:[“TLS_RSA_WITH_AES_256_CBC_SHA”,”TLS_RSA_WITH_AES_128_CBC_SHA”,”SSL_RSA_WITH_RC4_128_SHA”,”SSL_RSA_WITH_RC4_128_MD5″,”SSL_RSA_WITH_3DES_EDE_CBC_SHA”],”crlEnabled”:false,”crlStore”:”file:”,”id”:”OracleSSL”,”protocolVersion”:”1_2_Or_1_1_Or_1_0_Or_3_0″,”role”:”server”,”wrl”:”file:./etc/ssl/Deploy1/Server”},”inbound”:{“cipherSuites”:[“TLS_RSA_WITH_AES_128_CBC_SHA256″,”TLS_RSA_WITH_AES_256_CBC_SHA256″],”role”:”server”,”wrl”:”file:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/etc/ssl/linuxvm01″,”wrlPassword”:””},”outbound”:{“role”:”client”,”wrl”:”file:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/etc/ssl/oggmadistsrvr”,”wrlPassword”:””}}},”serverID”:”e26fdc98-99d6-443b-b809-c879b5f10cc6″,”serverIDShortLabel”:”4m/cmJnWRDu4Cch5tfEMxg”,”storeHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL/LOCAL/var/lib/conf/”,”taskManagerEnabled”:true,”workerThreadCount”:5}
1.4 Change TLS Cipher suites of pmsrvr
./oggServiceConfig https://linuxvm01:18100 LOCAL pmsrvr –user oggadmin –password Oracle1! –path /securityDetails/network/inbound/cipherSuites –value ‘[ “TLS_RSA_WITH_AES_128_CBC_SHA256”, “TLS_RSA_WITH_AES_256_CBC_SHA256” ]’
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
InsecureRequestWarning)
Current value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/pmsrvr” is <not defined>.
Setting new value and restarting service.
New value of “/securityDetails/network/inbound/cipherSuites” for “LOCAL/pmsrvr” is
[
“TLS_RSA_WITH_AES_128_CBC_SHA256”,
“TLS_RSA_WITH_AES_256_CBC_SHA256”
].
1.5 Check log
oracle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/log % grep -i TLS_RSA_WITH_AES_128_CBC_SHA256 *
adminsrvr.log:2019-04-16T15:22:04.826+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
adminsrvr.log:2019-04-16T15:40:38.997+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
adminsrvr.log:2019-04-16T15:40:39.006+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
adminsrvr.log:2019-04-16T15:51:13.937+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
adminsrvr.log:2019-04-16T15:51:13.949+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
distsrvr.log:2019-04-16T15:22:05.400+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
distsrvr.log:2019-04-16T15:51:14.435+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
distsrvr.log:2019-04-16T16:06:21.522+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
distsrvr.log:2019-04-16T16:06:21.543+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
pmsrvr.log:2019-04-16T15:22:05.088+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
pmsrvr.log:2019-04-16T15:51:14.309+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
pmsrvr.log:2019-04-16T16:11:55.724+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
pmsrvr.log:2019-04-16T16:11:55.724+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
recvsrvr.log:2019-04-16T15:22:04.926+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
recvsrvr.log:2019-04-16T15:51:13.854+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
recvsrvr.log:2019-04-16T16:10:50.856+0000 INFO | Ciphersuite id & name: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
recvsrvr.log:2019-04-16T16:10:50.856+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (main)
1.6 Add distpath
ADD DISTPATH path1 SOURCE trail://127.0.0.1:16102/services/v2/sources?trail=/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/data/TS TARGET wss://linuxvm01:16103/services/v2/targets?trail=/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/data/TS
oracle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/log % tail -f distsrvr.log
2019-04-16T16:21:25.010+0000 INFO | 5 ciphers installed. (path1)
2019-04-16T16:21:25.010+0000 INFO | Cipher installed: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (path1)
2019-04-16T16:21:25.010+0000 INFO | Cipher installed: 0x003d – ‘TLS_RSA_WITH_AES_256_CBC_SHA256’. (path1)
2019-04-16T16:21:25.010+0000 INFO | Cipher installed: 0x0005 – ‘SSL_RSA_WITH_RC4_128_SHA’. (path1)
2019-04-16T16:21:25.010+0000 INFO | Cipher installed: 0x0004 – ‘SSL_RSA_WITH_RC4_128_MD5’. (path1)
2019-04-16T16:21:25.010+0000 INFO | Cipher installed: 0x000a – ‘SSL_RSA_WITH_3DES_EDE_CBC_SHA’. (path1)
2019-04-16T16:21:25.092+0000 INFO | Negotiated cipher: 0x003c – ‘TLS_RSA_WITH_AES_128_CBC_SHA256’. (path1)
2019-04-16T16:21:26.316+0000 INFO | INFO OGG-01892 Oracle GoldenGate Distribution Server for Oracle: Distribution path network is configured as
OS DEFAULT SPECIFIED ACTUAL VALUE
APP_FLUSHBYTES 27985 N/A 27985
APP_FLUSHSECS 1 N/A 1
IP_DSCP DEFAULT N/A DEFAULT
IP_TOS DEFAULT N/A DEFAULT
TCP_NODELAY 0 N/A 0
TCP_QUICKACK 1 1 1
TCP_CORK 0 N/A 0
SO_SNDBUF 16384 N/A 16384
SO_RCVBUF 87380 N/A 87380. (path1)
2019-04-16T16:21:26.435+0000 INFO | INFO OGG-01052 Oracle GoldenGate Distribution Server for Oracle: No recovery is required for target file /ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/data/TS000000000, at RBA 0 (file not opened). (path1)
2019-04-16T16:21:26.492+0000 INFO | INFO OGG-02243 Oracle GoldenGate Distribution Server for Oracle: Opened trail file /ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/var/lib/data/TS000000000 at 2019-04-16 16:21:26.492925. (path1)
2019-04-16T16:21:26.492+0000 INFO | Response returned with HTTP/1.1 200 OK 509 (Thread 8)
1.7 View the configuration
oracle@linuxvm01:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/ServiceManager/var/lib/conf % grep -i TLS *
ServiceManager-config.dat:{“config”:{“asynchronousOperationEnabled”:true,”authorizationDetails”:{“common”:{“allow”:[“Basic”,”x-Cert”]},”movingExpirationWindowSecs”:900,”sessionDurationSecs”:3600,”useMovingExpirationWindow”:true},”authorizationEnabled”:true,”configHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/ServiceManager/etc/conf/”,”contentUrlRewrite”:”/$=/services/v2/content/index.html,/index.html=/services/v2/content/index.html,/content/$=/services/v2/content/index.html,/content$=/services/v2/content/index.html,/content/=/services/v2/content/,/favicon.ico$=/services/v2/content/css/images/favicon.ico,/css/=/services/v2/content/css/,/js/=/services/v2/content/js/”,”defaultSynchronousWait”:30,”deploymentHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/”,”inventoryLocation”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/ServiceManager/etc/conf”,”legacyProtocolEnabled”:false,”network”:{“serviceListeningPort”:18100},”pathToDocRoot”:”/ogg/app/oracle/oggma/12.3.0.1.4/lib/htdocs/ServiceManager”,”security”:true,”securityDetails”:{“network”:{“common”:{“authMode”:”server_only”,”blockSize”:4096,”certACL”:[{“name”:”ANY “,”permission”:”allow”}],”cipherSuites”:[“TLS_RSA_WITH_AES_256_CBC_SHA”,”TLS_RSA_WITH_AES_128_CBC_SHA”,”SSL_RSA_WITH_RC4_128_SHA”,”SSL_RSA_WITH_RC4_128_MD5″,”SSL_RSA_WITH_3DES_EDE_CBC_SHA”],”crlEnabled”:false,”crlStore”:”file:”,”id”:”OracleSSL”,”protocolVersion”:”1_2_Or_1_1_Or_1_0_Or_3_0″,”role”:”server”,”wrl”:”file:./etc/ssl/Deploy1/Server”},”inbound”:{“role”:”server”,”wrl”:”file:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/ServiceManager/etc/ssl/linuxvm01″,”wrlPassword”:””}}},”serverID”:”c6279ef4-2b02-452f-bc8a-5e33e4033bdd”,”serverIDShortLabel”:”xiee9CsCRS+8il4z5AM73Q”,”storeHome”:”/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/ServiceManager/var/lib/conf/”,”workerThreadCount”:5}
oracle@linuxvm01:/home/oracle % ./oggServiceConfig https://linuxvm01:18100 LOCAL adminsrvr –user oggadmin –password Oracle1!
/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
InsecureRequestWarning)
Current value of “/” for “LOCAL/adminsrvr” is
{
“authorizationDetails”: {
“common”: {
“allow”: [
“Basic”,
“x-Cert”
]
}
},
“authorizationEnabled”: true,
“legacyProtocolEnabled”: true,
“network”: {
“serviceListeningPort”: 16101
},
“security”: true,
“securityDetails”: {
“network”: {
“common”: {
“authMode”: “clientOptional_server”,
“blockSize”: 4096,
“cipherSuites”: [
“TLS_RSA_WITH_AES_256_CBC_SHA”,
“TLS_RSA_WITH_AES_128_CBC_SHA”,
“SSL_RSA_WITH_RC4_128_SHA”,
“SSL_RSA_WITH_RC4_128_MD5”,
“SSL_RSA_WITH_3DES_EDE_CBC_SHA”
],
“crlEnabled”: false,
“crlStore”: “file:”,
“id”: “OracleSSL”,
“protocolVersion”: “1_2_Or_1_1_Or_1_0_Or_3_0”
},
“inbound”: {
“cipherSuites”: [
“TLS_RSA_WITH_AES_128_CBC_SHA256”,
“TLS_RSA_WITH_AES_256_CBC_SHA256”
],
“role”: “server”,
“wrl”: “file:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/etc/ssl/linuxvm01”,
“wrlPassword”: “”
},
“outbound”: {
“role”: “client”,
“wrl”: “file:/ogg/app/oracle/oggma/12.3.0.1.4/DEPLOYMENT_LOCAL_tls2/LOCAL/etc/ssl/oggmadistsrvr”,
“wrlPassword”: “”
}
}
},
“taskManagerEnabled”: true,
“workerThreadCount”: 5
}
2 Create new OGG MA deployment with TLS1.2(TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256)
Edit response file:
#——————————————————————————-
# Specify the Cipher Suites to be used for SSL.
#——————————————————————————-
CIPHER_SUITES=TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256
#TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA
