Support Article
Weak Ciphers::Weak SSL cipher suites are supported
SA-10681
Summary
The user needs to store passwords in a cryptographic format. It was observed that weak ciphers could allow a session to be recorded and later decrypted.
Resolution
The following Dynamic System Setting (DSS) can be used to store passwords in a cryptographically strong format for PRPC 6.2 SP1 and PRPC 6.3 SP1. Set the value to true.
prconfig/crypto/v5oneway/default ruleset Pega-Engine
Use the following DSS for the site cipher. Set the value to the fully qualified name of the site cipher class.
prconfig/crypto/sitecipherclass/default ruleset Pega-Engine
Refer to the PDN article "Encrypting PRPC properties and BLOBs": http://pdn.pega.com/node/108126
See the section "Integration Services and Connectors, Email, and Agents requiring external authentication" in the above PDN article for the impact on integrations with external systems that use Connect-* or Service-* methods, listeners such as File/JMS/MQ, or any other integration technique in Pega.
See the section "Integration Services and Connectors, Email, and Agents requiring external authentication" in the above PDN article for the impact on agent processing, file upload from UI portals (User/Manager portals), the Export to Excel and Export to PDF features of reports, and BIX extracts.
There will be no impact while using developer tools such as Tracer and Clipboard.
Published June 26, 2015 - Updated October 8, 2020