If your exacqVision Enterprise Manager is already using HTTPS as described in our Knowledge Base Article ‘How to Enable HTTPS for ESM’ you can make sure you are using strong ciphers and the most current ssl protocol using this document.
<br>
Locate and make the indicated changes to the file httpd-ssl.conf
<br>
Windows
C:\Program Files\exacqVision\EnterpriseManager\apache_solr\apache2\conf\extra\httpd-ssl.conf
<br>
Linux
/usr/local/exacq/esm/apache_solr/apache2/conf/extra/httpd-ssl.conf
<br>
Find SSLCipherSuite and SSLProxyCipherSuite and make sure they match the following.
<br>
Find the SSL Protocol Support section and make sure the following is set as follows. Note, it may be possible to user TLSv1.3 but it has not been tested yet.
<br>
Verifying
To verify the endpoint is running as expected for your Enterprise Manager HTTPS site.
<br>
Run the following command from a Linux machine with openssl installed.
<br>
Note the output under SSL-Session.
<br>
Enabling-stronger-cipher-protocol-security-with-Enterprise-Manager.pdf