This is a very old issue for Dell OMSA. Why doesn't Dell install OMSA with a default of "128-bit or Higher" rather than having us take extra steps to lock it down? With security requirements being tighter due to more aggressive attacks, it would seem more appropriate to use the stronger cipher value by default.
It appears that after fixing all of my servers that were at version 5.9 or 6.1, the setting reverted to "Auto-Negotiate" when I upgraded them to version 6.5. I'm not 100% sure, but that appears to be the trend from the ones I've looked at so far.
When the Nessus Cyber Security scanning tool reports weak ciphers on port 1311 within the server when referencing Dell OMSA, it is likely that the webserver portion of the local client is not set to 128-bit or higher cipher. You can either go into each client (labor intensive) and make the change in the OMSA GUI, replace the keystore.ini file with one that includes the higher cipher, or add the code on the "cipher_suites" line shown below.
C:\Program Files\Dell\SysMgt\iws\config\keystore.ini file (or (X86) if you have a 64-bit OS)
Correct Code
================================================================
keystore_file = ./config/keystore.db
keystore_type = JKS
protocol = TLS
key_algorithm = SunX509
provider_classfile = com.sun.net.ssl.internal.ssl.Provider
authenticate_client = n
cipher_suites=SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
supported_key_signing_algorithms=MD5,SHA1,SHA256,SHA512
key_signing_algorithm=SHA1
The issue was brought up back in 2007. Here's the reference:
http://en.community.dell.com/support-forums/servers/f/177/t/18523153.aspx
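
An added example (not part of the original post and not Dell tooling): a PowerShell check that classifies the "cipher_suites" line of a keystore.ini, which helps find servers where the line is gone after an upgrade. The function name and sample contents are constructed for illustration, and it assumes that a missing or empty "cipher_suites" line means the 128-bit-or-higher list is not being enforced.

```powershell
# Added example: classify the cipher_suites setting in an OMSA keystore.ini.
# Assumption: a missing or empty cipher_suites line means the web server is
# not restricted to the "128-bit or higher" list.
function Test-OmsaCipherSuites {
    param([string[]]$Lines)

    # JSSE suite-name fragments that indicate less than 128-bit (or no) encryption.
    $sub128 = '_EXPORT_|_NULL_|_WITH_DES_CBC_|_DES40_|_RC4_40_'

    # Use the last cipher_suites assignment in the file, if there is one.
    $line = $Lines | Where-Object { $_ -match '^\s*cipher_suites\s*=' } |
        Select-Object -Last 1
    $suites = @()
    if ($line) {
        $suites = @(($line -split '=', 2)[1] -split ',' |
            ForEach-Object { $_.Trim() } | Where-Object { $_ })
    }
    if ($suites.Count -eq 0) {
        return New-Object PSObject -Property @{ Status = 'NotSet'; Weak = @() }
    }
    $weak = @($suites | Where-Object { $_ -cmatch $sub128 })
    $status = if ($weak.Count -gt 0) { 'WeakSuites' } else { 'Restricted' }
    New-Object PSObject -Property @{ Status = $status; Weak = $weak }
}

# Constructed sample file contents (not copied from a real server).
$samples = @{
    'locked-down'  = "protocol = TLS`ncipher_suites=TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"
    'line-missing' = "protocol = TLS`nauthenticate_client = n"
    'line-empty'   = "protocol = TLS`ncipher_suites="
    'mixed'        = "cipher_suites=TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"
}
foreach ($name in $samples.Keys) {
    $r = Test-OmsaCipherSuites -Lines ($samples[$name] -split "`n")
    '{0,-13} {1,-11} {2}' -f $name, $r.Status, ($r.Weak -join ',')
}

# Against a real file (path as given in the post):
# Test-OmsaCipherSuites -Lines (Get-Content 'C:\Program Files\Dell\SysMgt\iws\config\keystore.ini')
```

Servers reported as NotSet or WeakSuites are the ones to revisit after an OMSA upgrade.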