Securing Certificate Server of Identity Management server against SWEET32

Solution Verified - Updated -


  • SSL/TLS protocol support cipher suites which use 3DES presents security weakness (64-bit Block Size Cipher Suites (SWEET32))
  • Red Hat advised to completely disable DES/3DES ciphers 1
  • IdM server was initially installed on RHEL 7.4 or earlier
  • Network scanner had discoverd that Certificate Server (CS) of IdM supported the vulnerable cipher
  • Need to secure CS of IdM server against the weakness
  • Vulnerability presented even after upgrading to RHEL 7.5 or later


  • Red Hat Enterprise Linux (RHEL) 7.4 or earlier
  • Identity Management (IdM) servers

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In