If there is a need to know the cipher used by CLM applications or RTC and the level of encryption used for web-clients, this blog should be of some help.
Cipher refers to the algorithm used for performing encryption and decryption of the data.
Generally, SSL (Secure Socket Layer) is used for data encryption, decryption and transmission using certificates or smart cards. However, this also depends on the kind of Application server being used. Based on the kind of application server in use, the respective product documentation should have the details on the cipher used.
Websphere Application Server, Apache Tomcat
a. For Internet Explorer, login to RTC and then right click on the web-page --> Properties;
This displays the connection details with the encryption data for the URL.
b. For Firefox web-browser, if one hovers and clicks on the padlock symbol prior to URI in the address bar, say before https: //hostname:9443/ccm/web in the address bar, it gives the following information:
Connection Encrypted: High-grade Encryption (RC4, 128 bit keys)
So, if the RTC/CLM installation is based on Websphere Application Server (v7.0), the site supports a minimum cipher strength of 168 bit encryption. This, can be confirmed by looking into the properties for ccm application web-page and the application server documentation.
By default, using the Apache Tomcat application server the site supports a minimum cipher strenght of 128 bit encryption.
The cipher indicates that the data is encrypted between the Internet browser and the Server. It doesn’t encrypt the data on the database itself.
This is what is behind the HTTPS protocol and is managed by the Application server. RTC is only an application installed on top of Jazz, which is installed on WebSphere.
Here is the link for the WebSphere v 7.0 documentation - About "TLS 1.0, 3DES with 168 bit encryption (High)". This explains SSL Version 3 and TLS Version 1.0 cipher specifications: http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.ihs.doc/info/ihs/ihs/rihs_v3ciphspec.html