CollabNet TeamForge server

The following are the instructions to turn off SSL 3.0 on the CollabNet TeamForge server for POODLE vulnerability:
  1. Edit the file /etc/httpd/conf/httpd.conf to change "+SSLv3" to "-SSLv3":
    • SSLProtocol -SSLv3 +TLSv1 -SSLv2
  2. Perform a graceful restart of the Apache server:
    • /etc/init.d/httpd graceful
  3. Download and unzip the file 99-z-remove-sslv3.zip to /opt/collabnet/teamforge/dist/hook-scripts/create-runtime-ext/.
  4. For CollabNet TeamForge 7.x sites, edit /opt/collabnet/teamforge/dist/lib/multiplatform/python/service/runtime_scripts.py by adding the command for 99-z-remove-sslv3.py after the command join(createRuntimeExtFolder, "99-z-teamforge-add-ons.py")as shown below:
    join(createRuntimeExtFolder, "99-z-teamforge-add-ons.py"),
              join(createRuntimeExtFolder, "99-z-remove-sslv3.py"),
                                      ],
    Important: Step 4 is only for CTF 7.x sites. This can be ignored for sites running older versions.