STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:SV-78643r1_rule
V-64153
SRG-APP-000015-WSR-000014
OH12-1X-000017
CAT II
10
1. Open every .conf file (e.g., ssl.conf) included in $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf with an editor that contains an SSL-enabled "<VirtualHost>" directive.
2. Search for the "WebLogicSSLVersion" directive within an "<IfModule weblogic_module>" at the virtual host configuration scope.
3. Set the "WebLogicSSLVersion" directive to "TLSv1_2 TLSv1_1 TLSv1", add the directive if it does not exist.
If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL:
1. Open every .conf file (e.g., ssl.conf) included in $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf with an editor that contains an SSL-enabled "<VirtualHost>" directive.
2. Search for the "WebLogicSSLVersion" directive within an "<IfModule weblogic_module>" at the virtual host configuration scope.
3. If the directive is omitted or is not set to "TLS versions 1.0 and greater", this is a finding.
V-64153
False
OH12-1X-000017
If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL:
1. Open every .conf file (e.g., ssl.conf) included in $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf with an editor that contains an SSL-enabled "<VirtualHost>" directive.
2. Search for the "WebLogicSSLVersion" directive within an "<IfModule weblogic_module>" at the virtual host configuration scope.
3. If the directive is omitted or is not set to "TLS versions 1.0 and greater", this is a finding.
M
2753