Need to disable the SSL version 2 and 3 on TIM Server

Article ID: 232822

Products

CA Application Performance Management Agent (APM / Wily / Introscope)

Issue/Introduction

SSL versions 2 and 3 are enabled on the TIM Server and need to be disabled.

We also want to address weak cipher and HTTP Strict Transport Security (HSTS) vulnerabilities on the TIM Server.

Environment

Release : 10.7.0

Component : Introscope

Resolution

The TIM Server uses the Apache HTTP Server, and these vulnerabilities are related to the Apache HTTP Server.

To address these vulnerabilities, modify the ssl.conf file on the TIM Server.

Add the following directive, which disables SSLv2 and SSLv3 and also TLS 1.0:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1

Remove weak ciphers by modifying the SSLCipherSuite parameter in the ssl.conf file.

To address HTTP Strict Transport Security (HSTS), review the following document:
https://access.redhat.com/solutions/1220063
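
One way to check the edited ssl.conf offline, as an added example that is not code from the article or the vendor: the script resolves the SSLProtocol line the way mod_ssl does, scans SSLCipherSuite for weak tokens, and looks for an HSTS header. The function names, the weak-cipher keyword list, the expansion of "all" to every protocol, and the assumption that HSTS is set with a mod_headers Header directive in the same file belong to this example only.

```shell
# Added example: print the arguments of the last uncommented directive $2 in file $1.
last_directive() {
    awk -v d="$2" 'tolower($1) == tolower(d) { $1 = ""; v = $0 } END { print v }' "$1"
}

# Resolve SSLProtocol arguments as mod_ssl does: a bare name replaces the set,
# +name adds, -name removes. Assumption: "all" expands to every protocol.
enabled_protocols() {
    enabled=""
    for tok in $(printf '%s' "$1" | tr 'A-Z' 'a-z'); do
        name=${tok#[+-]}
        if [ "$name" = all ]; then name="sslv2 sslv3 tlsv1 tlsv1.1 tlsv1.2 tlsv1.3"; fi
        case $tok in
            -*) kept=""; for p in $enabled; do
                    case " $name " in *" $p "*) ;; *) kept="$kept $p" ;; esac
                done; enabled=$kept ;;
            +*) enabled="$enabled $name" ;;
            *)  enabled=$name ;;
        esac
    done
    echo $enabled
}

# Print one FAIL line per finding; return 0 only when every check passes.
audit_ssl_conf() {
    status=0
    protos=$(enabled_protocols "$(last_directive "$1" SSLProtocol)")
    [ -n "$protos" ] || { echo "FAIL: no SSLProtocol set, server default applies"; status=1; }
    for legacy in sslv2 sslv3 tlsv1; do
        case " $protos " in *" $legacy "*) echo "FAIL: $legacy enabled"; status=1 ;; esac
    done
    # Tokens not prefixed with ! or - stay enabled; the weak-keyword list is this example's choice.
    for c in $(last_directive "$1" SSLCipherSuite | tr ':' ' ' | tr 'a-z' 'A-Z'); do
        case $c in
            [-!]*) ;;
            *RC4*|*DES*|*MD5*|*NULL*|*EXP*|*LOW*|*ADH*) echo "FAIL: weak cipher token $c"; status=1 ;;
        esac
    done
    # Assumption: HSTS is set with a mod_headers Header directive in the same file.
    grep -Eiq '^[[:space:]]*Header[[:space:]].*Strict-Transport-Security' "$1" ||
        { echo "FAIL: no HSTS header"; status=1; }
    return $status
}

# Constructed sample: the article's SSLProtocol line, a weak cipher list, no HSTS.
sample=$(mktemp)
printf '%s\n' 'SSLProtocol all -SSLv2 -SSLv3 -TLSv1' 'SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH' > "$sample"
audit_ssl_conf "$sample" || echo "constructed sample needs fixing"
rm -f "$sample"
```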