Hello Team ,
After SSL configuration on RA repository server following steps from below :
Configuring SSL for RA repository server - CA Knowledge
Still gives following vulnerability issue :
Found your support case, so I'd like to share the solution.
Added cipher list to conf/server.xml, and then the vulnerability was resolved.
<Connector .... port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" .... > ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"> </Connector>
However, this configuration is not certified officially. Venkat also said that "I highly recommend that you validate these latest/strong ciphers in test environment before you move to PROD and take backup of server.xml before making any change to it. "