ScrumWorks sites

The following are the instructions to turn off SSLv3 on the ScrumWorks sites for POODLE vulnerability:
  1. Add SSLProtocol -SSLv3 +TLSv1 -SSLv2 in the etc/httpd/conf/httpd.conf file as shown below: 
      SSLEngine on
  SSLProtocol -SSLv3 +TLSv1 -SSLv2
  2. Perform a graceful restart:
    • service httpd graceful
  3. Run the following command to confirm if SSLv3 has been disabled:
    • /usr/bin/openssl s_client -crlf -connect hostname:port -ssl3
Parent topic: Security vulnerability SSL 3.0 - POODLE issue

Questions? Comments? Talk to other users of CollabNet products and the engineers behind them.

Copyright 2020 CollabNet Corporation | Site Feedback | Terms of Use | Privacy Policy | Copyright and Trademark | Support