JBoss failure after SSLv3 POODLE Vulnerability CVE-2014-3566 update

Article ID: 38004

Products

CA Virtual Privilege Manager, CA Privileged Identity Management Endpoint (PIM), CA Privileged Access Manager (PAM)

Issue/Introduction

Introduction:

JBoss failure after SSLv3 POODLE Vulnerability CVE-2014-3566 update

 

Background:

Upgrading RO76380 > RO76475 to apply the POODLE vulnerability update.

But when I start JBoss, I see the message below and ENTM cannot be opened.

"Protocol handler initialization failed: java.io.IOException: TLSv1,TLSv1.1,TLSv1.2 SSLContext not available"

 

Instructions:

In C:\jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml, change the attribute

From

sslProtocol="TLSv1,TLSv1.1,TLSv1.2"

to

sslProtocols="TLSv1,TLSv1.1,TLSv1.2"
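The following check is an added example, not part of the original article or of CA's tooling. It parses a server.xml and reports HTTPS connectors that carry the failing attribute or that leave SSL protocols enabled. The function name, the finding codes, the sample XML and the choice to identify HTTPS connectors by scheme="https" are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the HTTPS connector as it looks with the failing setting.
SAMPLE_BROKEN = """<Server><Service name="jboss.web">
  <Connector port="8080" address="${jboss.bind.address}"/>
  <Connector port="8443" scheme="https" secure="true" clientAuth="false"
             sslProtocol="TLSv1,TLSv1.1,TLSv1.2"/>
</Service></Server>"""
# The corrected form from the instructions: only the attribute name changes.
SAMPLE_FIXED = SAMPLE_BROKEN.replace("sslProtocol=", "sslProtocols=")

MESSAGES = {
    "LIST_IN_SSLPROTOCOL": "sslProtocol holds a comma-separated list; it takes one "
                           "SSLContext name, so startup fails with 'SSLContext not available'",
    "NO_PROTOCOL_LIST": "no sslProtocols attribute; enabled protocols fall back to "
                        "the JVM defaults, which may still include SSLv3",
    "SSL_ENABLED": "sslProtocols still lists an SSL (non-TLS) protocol name",
}

def audit_connectors(server_xml):
    """Return [(port, code)] for every HTTPS <Connector> that needs attention."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("scheme") != "https":
            continue  # plain HTTP or AJP connector, no TLS settings to check
        port = conn.get("port", "?")
        if "," in conn.get("sslProtocol", ""):
            findings.append((port, "LIST_IN_SSLPROTOCOL"))
        enabled = conn.get("sslProtocols")
        if enabled is None:
            findings.append((port, "NO_PROTOCOL_LIST"))
        elif any(p.strip().upper().startswith("SSL") for p in enabled.split(",")):
            findings.append((port, "SSL_ENABLED"))
    return findings

if __name__ == "__main__":
    for label, xml_text in (("broken", SAMPLE_BROKEN), ("fixed", SAMPLE_FIXED)):
        for port, code in audit_connectors(xml_text):
            print(f"{label}: port {port}: {MESSAGES[code]}")
```

To check a real installation, pass the contents of the server.xml file named above to audit_connectors; an empty result means no HTTPS connector was flagged.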

 

Additional Information:

More details on the SSLv3 POODLE vulnerability (CVE-2014-3566) can be found at the link below.

http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/sslv3-poodle-vulnerability-cve-2014-3566-product-guidance.aspx


The following article describes how to disable access via HTTP:

TEC606700

How to disable HTTP interface to ENTM GUI so that it can only be accessed via HTTPS?

 

http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec606700.aspx

 

Environment

Release: ACP1M005900-12.8-Privileged Identity Manager
Component: