RSA Admin

Disabling weak ciphers in an LS

Discussion created by RSA Admin Employee on Mar 4, 2011
Latest reply on Mar 7, 2011 by David Bruskin
I'm prepping to upgrade our LS 3.7.0 system to version 4.0.  


We disabled weak ciphers on 3.7.0 in two places:


  • E:\nic\3700\<nodename>\conf\server.xml
  • C:\Program Files (x86)\Dell\SysMgt\iws\config\keystore.ini 


I was just looking over a hardening checklist that we used at the time we implemented 3.7.0, and it says that disabling weak ciphers for the server.xml file was only done on the A-SRV


It does not instruct to disable them in the server.xml file on the D-SRV or Remote Collectors.


Is this correct?  Would disabling of weak ciphers only need to be done for both bulleted items above on an LS A-SRV, and not the D-SRV or Remote Collector?


Thanks in advance,

--== John