Issue with HTML5 viewer in Chrome/Insecure Ciphers
We're running into an issue launching the HTML5 viewer in Chrome 48, where upon launching a session we see this error:
We then tried running tests against the ports 8443, 8383, 8081 and 8031 for SSL vulnerabilities. Port 8383 (our primary portal page) passed with flying colors, 8443 and 8031 use a weaker TLSv1.0 cipher, but it's still acceptable. Port 8081 uses a RC4-SHA cipher which is blocked by Chrome. We have absolutely no issue launching an RDS session using Firefox or Safari, so this only affects Chrome. Our certificate is a wildcard cert, but all tests verified the cert is not the issue. Is there any way to disable the RC4-SHA cipher? It appears to be the only one offered on that port. We've already disabled it in our httpd-ssl.conf, and our websettings.conf, but since Java is what's listening on port 8081, and not apache, we're not really sure how to disable it.
Secure Web Socket Connection (https:\\) to server failed. Please add the Server's certificate to browser's exception list.
There is then an "Add Exception" button that attempts to bring up our server URL with :8081, assumingly to show the certificate and allow us to add it. This brings us to a Chrome error page stating:
"This Webpage is Not AvailableERR_SSL_VERSION_OR_CIPHER_MISMATCH"
We've also noticed that the server is running Java 6, so we are limited to TLSv1.0. Are there any plans on updating to Java 7? Is there a manual upgrade process we could perform? While it is not a huge inconvenience using another browser to utilize the RDS tool, our larger concern is the possible vulnerabilities this implies.