If you update to the latest version of OMSA (6.2) you can configure the web server preferences for how the SSL encryption is negotiated.
In the user guide search for SSL Encryption http://support.dell.com/support/edocs/software/svradmin/6.2/en/UG/HTML/using.htm#wp1043676 ====excerpt from the user guide===== The SSL Encryption field specifies the encryption levels for the secured HTTPS sessions. The available encryption levels include Auto Negotiate and 128-bit or higher. Auto Negotiate: To allow connection from browser with any encryption strength. The browser auto negotiates with the Server Administrator web server and uses the highest available encryption level for the session. Legacy browsers with weaker encryption can connect to the Server Administrator. 128-bit or higher: To allow connections from browsers with 128-bit or higher encryption strength. One of the following cipher suites will be applicable based upon the browser for any established sessions: SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA Key Signing Algorithm displays the supported signing algorithms. Select an algorithm from the drop down list. If you select either SHA 512 or SHA 256, ensure that your operating system/browser supports this algorithm. If you select one of these options without the requisite operating system/browser support, Server Administrator displays a "cannot display the webpage" error. This field is meant only for Server Administrator auto-generated self-signed certificates. The drop down list will be grayed out if you import or generate new certificates into Server Administrator -----Original Message----- From: linux-poweredge-bounces-Lists On Behalf Of Mark Watts Sent: Wednesday, March 17, 2010 5:09 AM To: linux-poweredge-Lists Subject: OMSA 5.5.0 and SSL Is there any way to change the SSL Ciphers offered by OMSA? We're being warned about it offering weak ciphers by an audit tool. Cheers, Mark. -- Mark Watts BSc RHCE MBCS Senior Systems Engineer, Managed Services Manpower www.QinetiQ.com QinetiQ - Delivering customer-focused solutions GPG Key: http://www.linux-corner.info/mwatts.gpg _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge Please read the FAQ at http://lists.us.dell.com/faq
