Enhancing Security for Web UI
When connected through the Secured Socket Layer (SSL) protocol using HTTPS, the web UI uses the default ciphers for the Java Virtual Machine (JVM). These ciphers usually include weak cipher session keys and can affect system security. In case you want to harden the system, adjust the ciphers as below:
Note |
The default installation of Cisco Prime Network Registrar 10.1 works with Transport Layer Security (TLS) 1.2. You can change the configuration to make it work with the older TLS versions, if needed. |
Procedure
Step 1 |
Open the server.xml file in the install-path/tomcat/conf folder in your Cisco Prime Network Registrar installation folder. |
||
Step 2 |
Add a ciphers statement to the HTTPS connector statement and list down the allowed ciphers as described in the following example:
|
||
Step 3 |
Restart Cisco Prime Network Registrar for the changes to take effect. |