Follow

How to prevent the Web App from using SSLv3

Please note that the following settings may be incorporated into a future revision of Traverse.

To prevent the Traverse Web Application from using SSLv3 or any RC4 based ciphers, add the 'protocols' and 'ciphers' values to  the '<Connector port="443"' section of the file 'TRAVERSE_HOME\apps\tomcat\conf\server.xml as shown below:

 

    <Connector port="443"
      minProcessors="20" maxProcessors="80"
      enableLookups="false" allowChunking="false"
      acceptCount="100" scheme="https" secure="true"
      clientAuth="false" sslProtocol="TLS" protocols="TLSv1.1,TLSv1.2"
      ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
      TLS_RSA_WITH_AES_128_CBC_SHA256,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
      TLS_RSA_WITH_3DES_EDE_CBC_SHA,
      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
      keystorePass="passw0rd1" keystoreFile="/usr/local/traverse/etc/webapp.keystore"
      compression="off" debug="0"
      URIEncoding="UTF-8" />

 

Then save the changes and restart the Web Application.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.