vRealize Hyperic 5.8.4 has the default configuration for Tomcat 6 of encrypted connection parameters. Using the latest browsers Chrome and Firefox can thus collide with the message “Server has a weak, temporary Diffie-Hellman public key”. Fortunately, this can be quickly remedied by improving the “Connector” section in the file serwer.xml. Described by me change can be implemented in both versions, installed on a Windows server and the installed as vRealize Hyperic Appliance.
The settings file is in the directory /opt/hyperic/server-current/hq-engine/hq-server/conf/ (appliance). Open server.xml and edit section Connector, the correct settings:
<Connector port="${server.webapp.secure.port}" executor="tomcatThreadPool" maxHttpHeaderSize="8192" emptySessionPath="true" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" keystoreFile="${server.keystore.path}" keystorePass="${server.keystore.password}" truststoreFile="${server.keystore.path}" truststorePass="${server.keystore.password}" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" sslProtocol="TLS" protocols="TLSv1,TLSv1.1,TLSv1.2" URIEncoding="UTF-8"/>
After write config restart the server.
Rate this article:
[Total: 0 Average: 0]