By default, Access Manger supports the 128-bit SSL communication among the Administration Console, Identity Server, SSL VPN, and browsers. The supported ciphers include:
SSL_RSA_WITH_RC4_128_MD5
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
TLS_KRB5_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
To enable the strong 256-bit ciphers:
Download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 from Sun's Java Web site.
Extract the zip file and replace the policy jars in /opt/novell/java/jre/lib/security/.
Modify the server.xml file located in /opt/novell/nam/adminconsole/conf/.
Add the 256-bit ciphers to the cipher attribute of <Connectors>.
For the list of 256-bit ciphers, see Java ™ Cryptography ArchitectureOracle Providers Documentation.