Disabling RC4 Cipher on vRealize Log Insight (vRLI) versions prior to 3.3 (2145415)

Purpose

RC4 ciphers are enabled on vRLI appliances prior to version 3.3, but they are not strictly required to use the product. This article explains how to disable RC4 ciphers in vRealize Log Insight versions prior to 3.3.

Resolution

To resolve this issue, upgrade to vRealize Log Insight 3.3. 
 
To work around this issue, disable RC4 ciphers.
 
To disable RC4 ciphers:

  1. Log in to the vRLI appliance as root through SSH or vSphere Client virtual machine console.
  2. Edit the /usr/lib/loginsight/application/etc/3rd_config/server.xml file.
  3. Locate this section in the file:

    <Connector port="443" maxHttpHeaderSize="65536" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" compression="1024"
                   protocols="TLSv1.2,TLSv1.1,TLSv1"
                   compressableMimeType ="text/html,text/xml,text/plain,text/css,text/javascript,application/json"
                   keystoreFile="conf/keystore" keystorePass="xesESweqAb9wewRuphuqeJeStuVak59u"/>

        Note: The keystoreFile parameter will not be the same on your appliance, as it is a unique hash.

  4. Add a ciphers= directive after the protocols= directive, explicitly listing supported ciphers with RC4 ciphers excluded from the list.

    For example:

    <Connector port="443" maxHttpHeaderSize="65536" protocol="HTTP/1.1" SSLEnabled="true"
                maxThreads="150" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" compression="1024"
                protocols="TLSv1.2,TLSv1.1,TLSv1"
                ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
                TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
                TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,
                TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
                compressableMimeType ="text/html,text/xml,text/plain,text/css,text/javascript,application/json"
                keystoreFile="conf/keystore" keystorePass="xesESweqAb9wewRuphuqeJeStuVak59u"/>

  5. Restart the Log Insight Service for the change to take effect by running the command:

    # service loginsight restart
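
A check for the edited file, as an added example that is not part of the VMware article: it parses a copy of server.xml and reports, for each TLS-enabled Connector, whether an explicit ciphers list is present and whether any entry still names RC4. The function names, the sample XML and the ports 8443 and 9443 are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample (not taken from an appliance): four connectors in one file.
SAMPLE_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="80" protocol="HTTP/1.1"/>
  <Connector port="443" SSLEnabled="true" protocols="TLSv1.2,TLSv1.1,TLSv1"/>
  <Connector port="8443" SSLEnabled="true" protocols="TLSv1.2,TLSv1.1,TLSv1"
             ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,
             TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA"/>
  <Connector port="9443" SSLEnabled="true"
             ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA"/>
</Service></Server>"""


def audit_connectors(server_xml_text):
    """Return one finding per TLS-enabled <Connector> in a Tomcat-style server.xml."""
    findings = []
    for conn in ET.fromstring(server_xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # non-TLS connectors negotiate no cipher suites
        raw = conn.get("ciphers")
        # Line breaks inside an attribute value reach us as spaces, so each
        # entry is stripped; a list wrapped over several lines still parses.
        suites = [s.strip() for s in raw.split(",") if s.strip()] if raw else []
        findings.append({
            "port": conn.get("port"),
            "explicit_list": raw is not None,
            "suites": suites,
            "rc4_suites": [s for s in suites if "RC4" in s.upper()],
        })
    return findings


def is_hardened(finding):
    """True only when an explicit, non-empty list exists and no entry names RC4."""
    return bool(finding["explicit_list"] and finding["suites"]
                and not finding["rc4_suites"])


if __name__ == "__main__":
    # Pass the path of a copy of server.xml, or run without arguments for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE_SERVER_XML
    for f in audit_connectors(text):
        state = "OK" if is_hardened(f) else "REVIEW"
        detail = f["rc4_suites"] or ("no ciphers attribute" if not f["explicit_list"] else "")
        print(f"port {f['port']}: {state} {detail}")
```

A connector reported without a ciphers attribute is the state the procedure above starts from; one reported with RC4 entries has an explicit list that still needs those names removed.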
