Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-4214

Disable SSLv3 in the commented out TLS tomcat configuration

    XMLWordPrintable

Details

    Description

      We can document how users can enable SSLv3 but we should disable SSLv3 in the commented out tomcat TLS configuration, so as to prevent customers being vulnerable to POODLE.

      Attachments

        Issue Links

          is incorporated by

          Bug - A problem which impairs or prevents the functions of the product. CWD-4240 Upgrade tomcat to a version >= 7.0.55

          • Medium - Medium priority issues
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-35386 SSLv3 Is Not Disabled When sslProtocol is Set to TLS, Vulnerable to POODLE

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: