Ciphers and Protocols for Directory Proxy Server

The ciphers and protocols that can be used by Directory Proxy Server depend on the JVM that is used. By default, Directory Proxy Server uses the default ciphers and protocols for the JVM.

You can retrieve a list of ciphers and protocols by using the dpconf command:

Enabled ciphers

The list of ciphers that are currently enabled for both the LDAP and LDAPS listeners. Because the LDAP and LDAPS listeners are synchronized, the properties are part of the global server configuration, and not the listener configuration.

Supported ciphers

The list of ciphers supported by the JVM for Directory Proxy Server.

The Root DSE lists all the supported ciphers under the supportedSSLCiphers attribute.

The enabledSSLCiphers attribute is a subset of supportedSSLCiphers attribute.

Enabled protocols

The list of protocols that are currently enabled for both the LDAP and LDAPS listeners. Because the LDAP and LDAPS listeners are synchronized, the properties are part of the global server configuration, and not the listener configuration.

Supported protocols

The list of protocols supported by the JVM for Directory Proxy Server.

For reference information about cipher suites, see Cryptographic Algorithms Used With SSL. For information about how to choose ciphers, see Choosing SSL Ciphers and SSL Protocols for Directory Proxy Server in Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition.