Oracle iPlanet Web Server 7.0.9 Release Notes


The following table lists the known issues in the security area of Web Server.

Table 9 Known Issues in Security

Problem ID 



Limitation supporting basic and digest-based ACLs for resources in the same directory.

If the server uses digest and basic-based ACLs in different parts of their doc tree, attempting to use both simultaneously on different files or resources in the same directory is not possible. 


TLS_ECDH_RSA_* require the server cert signed with RSA keys.

Cipher suites of the form TLS_ECDH_RSA_* requires server to have an ECC keypair with a cert signed using RSA keys. Note that this precludes using these cipher suites with self-signed certificates. This requirement is inherent to these cipher suites and is not a bug. The server should detect and warn about wrong configurations related to these cipher suites but currently it does not do so.