Some of the SSL Ciphers offered by the default configuration of Tomcat included as part of the Intelligence Center package are flagged as weak by modern browsers. This can be corrected with a small configuration change.
Follow this procedure to update the configuration:
Browse to your Intelligence Center installation directory, such as, C:\BlueCoat\IntelligenceCenter\apache-tomcat-6.0.33\webapps\ROOT\conf\ .
Use your preferred text editor, and use the search function to find the following string: "ciphers=". This will take you to approximately line 164.
The value between the quotation marks contains the complete list of the SSL ciphers offered to SSL clients. Delete everything between these quotes, so that you are left with the line ending: ciphers="" />
Paste the following line between those quotation marks (note this is all one line; breaks appear here for clarity, there should be no breaks in the pasted text): TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA
Save and close server.xml.
Click start, and type "services.msc", and open the services dialogue.
Select "Blue Coat IntelligenceCenter 3.x.x.x" from the list, and restart the service.
Imported Document ID: 000028322
Subscribing will provide email updates when this Article is updated. Login is required.