Setting Which Protocols to Disable When Creating an SSL Connector

Administration Guide > TDV and SSL Authentication > Setting Which Protocols to Disable When Creating an SSL Connector

To avoid known security flaws, it is best to disable SSLv3. By default, a Studio configuration parameter named Disabled Protocols for SSL Connectors does this for you. You can change the list of protocols to disable by modifying this parameter’s comma-separated value string.

Removing the value string causes the default JRE settings to take effect. Under the default JRE settings, SSLv2, SSLv2Hello, and SSLv3 protocols are disabled for SSL sockets for incoming connections, and TLSv1 protocol is used for outgoing connections.

Note: Changing this value has no effect until the next server restart.

To change which protocols to disable when creating an SSL connector

1. Select Administration > Configuration from the main Studio menu.

2. Navigate to Configuration > Server > Communications > Disabled Protocols for SSL Connectors.

3. Change the comma-separated list of the protocols to disable.

4. Restart the server so that the changes take effect.