Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5058
Views
10
Helpful
2
Replies

How to disable SSL version 2 and 3 and enable TLS 1.1 or higher on Cisco UC apps

tbao88888
Level 1
Level 1

‎05-13-2016 07:00 AM - edited ‎03-19-2019 11:06 AM

Hi,

Does anyone know how to disable SSL version 2 and 3 and enable TLS 1.1 or higher on Cisco UC apps such as CUCM, CUC, CUIMP and UCCX version 9.1? Not sure if this is possible or an upgrade is needed. TIA

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Shashank Mahajan
Cisco Employee
Cisco Employee

‎05-17-2016 12:21 PM

As far as CUCM is concerned you can disable SSL v3 if you are on CUCM version 9.1.2.13900-7.  This version of CUCM gives you the ability to monitor the status, disable or enable SSLv3 with the following commands:
utils webserver ssl [status | disable | enable]

To apply the full software fix for this vulnerability, it is recommended to move to 10.5.2 or later version.

TLS is only used when your cluster is in secure mode (also known as mixed mode). If you do not intend to change your cluster to secure or mixed mode then you don't need to worry about it. For CUCM 10.5 TLS version 1.2 is being used.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/security/11_0_1/secugd/CUCM_BK_C1A78C1D_00_cucm-security-guide-1101/encrypted_phone_configuration_file_setup.pdf

tbao88888
Level 1
Level 1
In response to Shashank Mahajan

‎05-18-2016 12:02 PM

Thanks Shashank! So SSL v3 is disabled in 10.5.2 or later versions?

0 Helpful
Customers Also Viewed These Support Documents