- Ambari 2.5.X, RHEL7
I'm attempting to disable the cipher: RSA_WITH_3DES_EDE_CBC_SHA
I have added it to the ambari.properties file as both:
(They are separated by the '|' symbol)
Although every time I run TestSSLServer2 on Ambari port..the ciphers show up. I have also added these ciphers to the servers java.security file with no luck.
Am I missing something?
In general to disable certain ciphers for Ambari UI, do the following:
1. Locate the strings for the ciphers you wish to disable in the following list:
2. Edit the ambari.properties file and add them as follows, separating the cipher strings with vertical pipes:
3. Restart Ambari server
4. Rescan and verify the results
Also, the ciphers TLS_RSA_WITH_3DES_EDE_CBC_SHA disabled with SSL_RSA_WITH_3DES_EDE_CBC_SHA breaks Ambari Metrics and Firefox access to the Ambari UI, so it is best not to disable "TLS_RSA_WITH_3DES_EDE_CBC_SHA".