How to prevent the Web App from using SSLv3

PROBLEM:

I want to block the WebApp from using SSLv3

SOLUTION:

Please note that the following settings may be incorporated into a future revision of Traverse.

To prevent the Traverse Web Application from using SSLv3 or any RC4 based ciphers, add the 'sslProtocol','protocols' and 'ciphers' values to  the '<Connector port="443"' section of the file 'TRAVERSE_HOME\apps\tomcat\conf\server.xml as shown below:

 

    <Connector port="443"
      minProcessors="20" maxProcessors="80"
      enableLookups="false" allowChunking="false"
      acceptCount="100" scheme="https" secure="true"
      clientAuth="false" sslProtocol="TLS" protocols="TLSv1.1,TLSv1.2"
      ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
      TLS_RSA_WITH_AES_128_CBC_SHA256,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
      TLS_RSA_WITH_3DES_EDE_CBC_SHA,
      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
      keystorePass="redacted" keystoreFile="/usr/local/traverse/etc/webapp.keystore"
      compression="off" debug="0"
      URIEncoding="UTF-8" />

 

Then save the changes and restart the Web Application.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section