Weblogic Administration Console being blocked by browser - SSL server probably obsolete

Question

We are usng Weblogic 8.1 and administration console suddenly stopped and inaccessible today.

For more than a year we use to access it until today as it is being blocked by these browsers:

1. Internet Explorer - There is a problem with this website's security certificate. When i click continue, it's not redirecting to the admin console.

2. Google Chrome - SSL server probably obsolete. ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION

3. Firefox - Secure Connection Failed An error occurred during a connection to 192.168.0.18:17050. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

Answer 1

You are running a very old version of JRocket Java equivalent to 1.4. There is a SSL protocol mismatch between your modern browsers and Weblogic's JRocket.

My best guess is to install the JRocket Java Cryptography Extension (JCE) Unlimited Strength files into your JRocket to boost the cipher list.

nmap has a ssl-enum-ciphers that will be able to print out the list of ciphers avialable before and after you install the Unlimited Strength files. See answer.

Answer 2

As an alternative and very ugly solution in Firefox.

Try this.

Enable support for 40-bit RSA encryption in the Firefox Browser:

• enter 'about:config' in Browser Address bar
• find/select
• "security.ssl3.rsa_rc4_40_md5" set boolean to TRUE

Or this.

• Open a new tab in Firefox and type “about:config” in the URL bar
• You would get a warning dialog box, click Promise to be careful and move on
• In the search bar, enter the following security.tls.version
• First, right-click on the setting “security.tls.version.fallback-limit” and select modify. You’re going to change the “1” to “0”. Then do the same thing with “security.tls.version.min”, changing the “1” to “0”.