Black Duck Code Sight server

The following are the instructions to turn off SSLv3 on the Black Duck Code Sight server for POODLE vulnerability:
  1. On the Black Duck Code Sight server, edit the file /opt/collabnet/teamforge/dist/conf-snippets/codesearch-tomcat-ssl.d/00-server.xml by replacing sslProtocol="TLS" in the following code snippet: 
    <Connector port="{__BDCS_TOMCAT_PORT__}" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150"
        scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
        keystoreFile="{__SITE_DIR__}/etc/codesearch_tomcat.store"
        keystorePass=<"password"> keystoreType="PKCS12" />

    with sslProtocols="TLSv1,TLSv1.1,TLSv1.2" as shown below:

    <Connector port="{__BDCS_TOMCAT_PORT__}" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150"
        scheme="https" secure="true" clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2"
        keystoreFile="{__SITE_DIR__}/etc/codesearch_tomcat.store"
        keystorePass=<"password"> keystoreType="PKCS12" />
  2. Rebuild the runtime and restart TeamForge services with the following commands:
    • /etc/init.d/collabnet stop
    • cd /opt/collabnet/teamforge-installer/<version>

      For example, cd /opt/collabnet/teamforge-installer/7.1.0.0

    • ./install.sh -rVn
    • /etc/init.d/collabnet start
After completing the above-given steps, retest the connection to ensure that SSLv3 access is no longer permitted.
Parent topic: Security vulnerability SSL 3.0 - POODLE issue

Questions? Comments? Talk to other users of CollabNet products and the engineers behind them.

Copyright 2020 CollabNet Corporation | Site Feedback | Terms of Use | Privacy Policy | Copyright and Trademark | Support