Dear All,
Our Internal security audit suggests to avoid the use of Week SSL ciphers for our SAP PI 7.0 servers.
We have followed the SAP note 510007 - Setting up SSL on Web Application Server ABAP
as mentioned in the point 6 we have added below parameter in the instance profile of application server and restarted our server but still the issue is not resoved.
ssl/ciphersuites=MEDIUM:HIGH:EXPORT:!LOW:!eNULL
Clients are accessing our PI server through SAP Web dispatcher.
Kindly suggest the action to be taken to resolve the issue.
Please find the below comment from Audit.
-----------------------------------------------------------------------------------------------------------------------
The remote host supports the use of SSL ciphers that offer weak encryption.
Note: This is considerably easier to exploit if the attacker is on the same physical network
-----------------------------------------------------------------------------------------------------------------------
Regards,
Lalitha.