OMSA 5.5.0 and SSL

Marshal_Savage at Marshal_Savage at
Wed Mar 17 15:12:01 CDT 2010

If you update to the latest version of OMSA (6.2) you can configure the web server preferences for how the SSL encryption is negotiated.

In the user guide search for SSL Encryption

====excerpt from the user guide=====

The SSL Encryption field specifies the encryption levels for the secured HTTPS sessions. The available encryption levels include Auto Negotiate and 128-bit or higher.

Auto Negotiate: To allow connection from browser with any encryption strength. The browser auto negotiates with the Server Administrator web server and uses the highest available encryption level for the session. Legacy browsers with weaker encryption can connect to the Server Administrator.

128-bit or higher: To allow connections from browsers with 128-bit or higher encryption strength. One of the following cipher suites will be applicable based upon the browser for any established sessions:









Key Signing Algorithm displays the supported signing algorithms. Select an algorithm from the drop down list. If you select either SHA 512 or SHA 256, ensure that your operating system/browser supports this algorithm. If you select one of these options without the requisite operating system/browser support, Server Administrator displays a "cannot display the webpage" error. This field is meant only for Server Administrator auto-generated self-signed certificates. The drop down list will be grayed out if you import or generate new certificates into Server Administrator

-----Original Message-----
From: linux-poweredge-bounces-Lists On Behalf Of Mark Watts
Sent: Wednesday, March 17, 2010 5:09 AM
To: linux-poweredge-Lists
Subject: OMSA 5.5.0 and SSL

Is there any way to change the SSL Ciphers offered by OMSA?
We're being warned about it offering weak ciphers by an audit tool.



Mark Watts BSc RHCE MBCS
Senior Systems Engineer, Managed Services Manpower QinetiQ - Delivering customer-focused solutions GPG Key:

More information about the Linux-PowerEdge mailing list