SSLv3 is no longer enabled by default as an offered cryptographic protocol. You will need to explicitly configure the Managed Listen Port that will be accepting traffic using SSLv3. To enable support for SSLv3 for a particular published Listen Port, do the following:
- Log into the Layer 7 Policy Manager as an administrative user.
- Select "Manage Listen Ports" from the "Tasks" menu.
- Select the listen port that will allow SSLv3 and select "Properties"
- Select the "Advanced" tab.
- Add overrideProtocols=SSLv2Hello,SSLv3,TLSv1
- Restart the Gateway appliance.
This will allow clients that permit SSLv3 to connect to the Gateway via SSLv3 over a specific port. If there is a need to only allow SSLv3 (and disallow TLS)--ensure TLSv1.1 and TLSv1.2 are not checked in the Listen Port properties.
Finally, you will only be able to make these changes against a listen port that is not currently used for administration. For example, you cannot reconfigure Port 9443 if you are connected to the Policy Manager on 9443.