Environment
Security Manager 6.5.x
hash algorithm
encryption
Schannel
Situation
What encryption or hash algorithm does Security Manager 6.5 use?
Resolution
- On an agent machine:
- Navigate to C:\Program Files\NetIQ Security Manager\ONEPOINT
- Open NqSmSvc.exe.log4cxx in notepad.
- Change:
  <root>
  <priority value ="info" />
  To:
  <root>
  <priority value ="debug" />
- Save NqSmSvc.exe.log4cxx.
- Restart the NetIQ Security Manager Agent service.
- Navigate to C:\Documents and Settings\All Users\Application Data\NetIQ\Security Manager\Log Files
- Open NQSMSVC.TXT in your favorite text editor.
- Search for SChannelConnectionInfo to determine the algorithm, cipher and protocol.
Here is an example:
2011-01-17 08:53:32,667 [0x00001a0c] DEBUG Communication.Server.SChannelConnectionInfo: SChannel connection info: Computer = x.x.x.x:8270, Protocol = TLS1_CLIENT (128), Cipher = RC4_128 (26625), Hash = SHA_160 (32772), Key Exchange = KEY_EXCHANGE_UNKNOWN_1024 (9216)
This will give you the information you are looking for. Hash is the hash algorithm, and Cipher and Protocol together give you the encryption.
Once you have this information, go back to steps 1-6 and reverse the setting.
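When the debug log holds many connections, the SChannelConnectionInfo lines can be extracted and tallied with a short script. The following is an added example, not NetIQ code: the function names are hypothetical, and it assumes the numbers in parentheses are the raw SChannel connection-info values, which it maps to their Windows SDK constant names.

```python
import re
from collections import Counter

# Constructed sample of NQSMSVC.TXT: the first line is the article's example, the
# second is an unrelated constructed line, the third repeats the example at a later
# constructed timestamp.
SAMPLE_LOG = """\
2011-01-17 08:53:32,667 [0x00001a0c] DEBUG Communication.Server.SChannelConnectionInfo: SChannel connection info: Computer = x.x.x.x:8270, Protocol = TLS1_CLIENT (128), Cipher = RC4_128 (26625), Hash = SHA_160 (32772), Key Exchange = KEY_EXCHANGE_UNKNOWN_1024 (9216)
2011-01-17 08:53:33,102 [0x00001a0c] DEBUG Communication.Server.Example: constructed unrelated line
2011-01-17 08:58:32,701 [0x00001a0c] DEBUG Communication.Server.SChannelConnectionInfo: SChannel connection info: Computer = x.x.x.x:8270, Protocol = TLS1_CLIENT (128), Cipher = RC4_128 (26625), Hash = SHA_160 (32772), Key Exchange = KEY_EXCHANGE_UNKNOWN_1024 (9216)
"""

MARKER = "SChannelConnectionInfo: SChannel connection info: "
VALUE_RE = re.compile(r"^(?P<name>\S+) \((?P<id>\d+)\)$")
FIELDS = ("Protocol", "Cipher", "Hash", "Key Exchange")

# Constant names from the Windows SDK headers (schannel.h, wincrypt.h) for the
# numbers in the article's example. Assumption: the log prints those raw values.
KNOWN_IDS = {0x0080: "SP_PROT_TLS1_CLIENT", 0x6801: "CALG_RC4",
             0x8004: "CALG_SHA1", 0x2400: "CALG_RSA_SIGN"}

def parse_line(line):
    """Return a dict for one SChannelConnectionInfo line, or None for other lines."""
    _, sep, fields = line.partition(MARKER)
    if not sep:
        return None
    record = {"Timestamp": line[:23]}
    for part in fields.strip().split(", "):
        key, _, value = part.partition(" = ")
        m = VALUE_RE.match(value)
        if m:  # "NAME (ID)" field: keep the name, the number and its SDK constant
            num = int(m.group("id"))
            record[key] = (m.group("name"), num, KNOWN_IDS.get(num, "unmapped"))
        else:  # plain field such as Computer = host:port
            record[key] = value
    return record

def summarize(log_text):
    """Count each distinct (protocol, cipher, hash, key exchange) seen in the log."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and all(isinstance(rec.get(k), tuple) for k in FIELDS):
            counts[tuple(rec[k][0] for k in FIELDS)] += 1
    return counts

if __name__ == "__main__":
    for suite, n in summarize(SAMPLE_LOG).items():
        print(n, *suite)
```

To run it against a real agent log, read NQSMSVC.TXT into a string and pass it to summarize() in place of SAMPLE_LOG.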
Cause
SM 6.5 uses SSL/TLS1 for agent communication. We use Microsoft SChannel as our SSL implementation. SChannel can be configured via the "SSL Cipher Suite Order" group policy object. Choosing the cipher suite will dictate what hashing algorithm is used.
Additional Information
Formerly known as NETIQKB72765