06-30-2009 10:57 AM
Hi,
Can SSL 3.0 be used with LMS 2.0.
Our local vulnerability scanner has identified a vulnerability with use
of SSL 2.0 presently used in our ciscoworks application server.
Can use of SSL 3.0 be
used and if so, when/how is this available to remediate this vulnerability? Our plaform
is Solaris 2.10
Solved! Go to Solution.
06-30-2009 12:53 PM
This is not possible. SSLv2 must remained enabled on the server for compatibility purposes. The next generation of LMS will disable this legacy encryption protocol.
06-30-2009 10:58 AM
SSL 3.0 and TLS 1.0 is enabled by default with LMS. Due to the need to support legacy components, we also offer SSLv2.
06-30-2009 11:45 AM
Hi jclarke,
Thanks for this instant support !
Please tell where I can find if which version of SSL is used and how we can alter the version according to our necessity.
-Thanks
06-30-2009 11:49 AM
All modern browsers will use either SSLv3 or TLSv1 by default. You can usually set this up in your browsers advanced or security preferences. For example, in Firefox, go to Advanced > Encryption. You'll see only SSLv3 and TLSv1 are available.
06-30-2009 12:48 PM
Hi jclarke,
Appreciate the information - however one of the things that this relates to is preventing it from being used on the server - rather than just limiting it to the client to choose one or the other. Can we look at hoew to just limit it to SSL 3.0?
06-30-2009 12:53 PM
This is not possible. SSLv2 must remained enabled on the server for compatibility purposes. The next generation of LMS will disable this legacy encryption protocol.
06-30-2009 02:12 PM
Hi Jclarke,
Thanks for your time and responses.
Your answer gives it all, but as it is required by us as per the security perspective, can we disable LMS server to respond to SSL 2.0. If not can a PER be filed for it.
Thanks.
06-30-2009 03:22 PM
No, this is not supported. Like I said, removing SSLv2 is already planned for a future release.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide