RESULTS:
| PROTOCOL | CIPHER | NAME | GROUP | KEY-SIZE | FORWARD-SECRET | CLASSICAL-STRENGTH | QUANTUM-STRENGTH |
|---|---|---|---|---|---|---|---|
| TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ECDHE | secp192r1 | 192 | yes | 96 | low |
| TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ECDHE | sect163r2 | 163 | yes | 81 | low |
| TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ECDHE | sect163k1 | 163 | yes | 81 | low |
openssl s_client -connect 192.168.2.30:7022 -tls1_2 -cipher ECDHE-RSA-AES256-GCM-SHA384 -curves secp192r1
With that request the server still responds.
When Qualys scans Authentication Manager, it requests small curves of < 224 bits (secp192r1, sect163r2, and sect163k1) with the ECDHE-RSA-AES256-GCM-SHA384 cipher, which results in a Weak Cipher finding, QID 38863, even with the latest QID 38863 update from August 2022.
RSA Support has three 'solutions' to this problem:
1. Edit config.xml to remove the ECDHE-RSA-AES* ciphers, which prevents the finding, or
2. Use the Engineering Response, which demonstrates that the flaw exists but is not exploitable, as the details for a valid exemption request, or
3. Update to a later version of AM.
These ECDHE Ciphers are included in Authentication Manager for compatibility with older browser versions.
This cipher situation is fixed in AM 8.7 SP1 P2 and later, up to AM 8.7 SP2 P6. AM 8.8 introduced TLS 1.3 and defers ciphersuite control to the Java JRE.
Effective with scanner version 12.11.28-1, released 08/01/2022, QID 38863 has been updated.
https://success.qualys.com/discussions/s/question/0D52L00007ZkxrCSAR/effective-with-scanner-version-1211281-released-08012022-qid-38863-has-been-updated
By default, the ECDHE-RSA-AES256-GCM-SHA384 cipher on an Authentication Manager server uses a strong curve of 521 bits.
But if a short/weak curve of < 224 bits (secp192r1, sect163r2, or sect163k1) is requested, which is what a Qualys scan does, e.g.
openssl s_client -connect 192.168.2.30:7022 -tls1_2 -cipher ECDHE-RSA-AES256-GCM-SHA384 -curves secp192r1
Authentication Manager appears to agree, but in the completed connection we can see that the AM server selects secp256r1 for its ephemeral key, refusing the short curve request.
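The check described above, as an added example that is not part of the RSA article or the Qualys QID: a small POSIX shell script that repeats the scanner's request for each of the three short curves and reports which ephemeral key the server actually used, read from the "Server Temp Key" line that `openssl s_client` prints for a TLS 1.2 session. The host:port is the article's example and the curve names are the OpenSSL group names the article lists; the `classify_temp_key` and `probe_group` function names and the sample transcripts are constructed for this example.

```shell
#!/bin/sh
# Added example for this article (not RSA's or Qualys's code): probe an AM
# listener with each curve the scan requests and report the ephemeral key the
# server actually used. A key below 224 bits is what QID 38863 flags; a larger
# key means the short-curve request was refused, as the article describes for
# secp256r1. The curve name printed after "Server Temp Key:" varies between
# OpenSSL versions (P-256, prime256v1, ...), so the classifier keys on the bit
# count, which is printed consistently.

# Verdict for one s_client transcript passed as $1:
#   weak:<bits>    an ephemeral key below 224 bits was negotiated
#   strong:<bits>  the server used a key of 224 bits or more
#   no-handshake   no "Server Temp Key" line (alert, refused connection, ...)
classify_temp_key() {
    bits=$(printf '%s\n' "$1" \
        | sed -n 's/^Server Temp Key: .*, \([0-9][0-9]*\) bits[[:space:]]*$/\1/p' \
        | head -n 1)
    if [ -z "$bits" ]; then
        echo "no-handshake"
    elif [ "$bits" -lt 224 ]; then
        echo "weak:$bits"
    else
        echo "strong:$bits"
    fi
}

# Connect to host:port ($1) offering only group $2 with the cipher from the
# article. "|| true" keeps a failed handshake from aborting the script; the
# transcript of the failure is still classified.
probe_group() {
    out=$(openssl s_client -connect "$1" -tls1_2 \
        -cipher ECDHE-RSA-AES256-GCM-SHA384 -curves "$2" </dev/null 2>&1 || true)
    classify_temp_key "$out"
}

# Constructed transcripts (not captured from a real AM host) so that the
# classifier can be exercised offline.
SAMPLE_REFUSED='CONNECTED(00000003)
Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 3456 bytes and written 356 bytes'
SAMPLE_WEAK='CONNECTED(00000003)
Server Temp Key: ECDH, secp192r1, 192 bits
SSL handshake has read 3456 bytes and written 356 bytes'
SAMPLE_ALERT='CONNECTED(00000003)
SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
no peer certificate available'

# Usage: sh probe_curves.sh 192.168.2.30:7022
# (host:port as in the article; substitute the AM listener you are checking)
if [ "$#" -ge 1 ]; then
    for g in secp192r1 sect163r2 sect163k1; do
        printf '%s requested %-10s -> %s\n' "$1" "$g" "$(probe_group "$1" "$g")"
    done
fi
```

Run with the listener as the only argument; a line reading `strong:256` for every requested curve is the behaviour the article describes and is the evidence to attach to an exemption request, while `weak:192` or `weak:163` on any line means the server genuinely accepted the short curve and the finding stands.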
Work-around for earlier versions of AM
Edit /opt/rsa/am/server/config/config.xml on an AM 8.x primary or replica,
or
/opt/RSASecurity/RSAAuthenticationManagerWebtier/server/config/config.xml on a Web Tier,
to remove the four TLS_ECDHE_RSA_WITH_AES… ciphers and add two TLS_DHE_RSA_WITH_AES ciphers, so that each of the four <ciphersuite> sections ends up looking like this:
<ciphersuite>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</ciphersuite>
<ciphersuite>TLS_DHE_RSA_WITH_AES_256_GCM_SHA384</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_128_GCM_SHA256</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_256_CBC_SHA</ciphersuite>
<ciphersuite>TLS_RSA_WITH_AES_256_GCM_SHA384</ciphersuite>
:wq!
cd ../
./rsaserv restart all
In /opt/rsa/am/server/config/config.xml, the four <ciphersuite> sections are under:
<name>AdminServer</name>
<name>biztier</name>
<name>console</name>
and
<name>radiusoc</name>
Theoretically it is possible to edit /opt/rsa/am/server/config/config.xml and remove weak ciphersuites based on ECDHE or signed with SHA1, but this modification is not supported and is not tested during Quality Engineering regression testing. It has been found to:
a) break Trusted Realm connections in AM 8.7 SP1 and AM 8.7 SP2
b) slow performance on AM consoles.
Proceed with caution at your own risk.
Warning: You cannot edit config.xml while WebLogic Server is executing, since WebLogic Server rewrites the file periodically. Your changes will be lost and, depending on your platform, you could cause WebLogic Server failures.
Stop the AM services first, and restart them after you have finished editing config.xml.