I recently had a security scan on the OpManager installation at my company.  OpManager has TLS renegotiation vulerability .  We were using https with self signed certificate.  

Here is the write up from Oracle and the fixes.

However, OpManager is running on JRE 1.5.  I tried upgrading to 1.6.  Unfortunately OpManager just hang on start up.  

Please, upgrade the JRE.