how to disable SSLv3

Forum|Forum|11 years ago
October 17, 2014
1 reply
1594 views

Hello,

I want to disable SSLv3 in Adobe Media Server 5.0.6. I've tried to change the cipher suite in Adaptor.xml:

ALL:!ADH:!LOW:!EXP:!MD5:-SSLv3:@STRENGTH

According to sslabs report, it disables TLS 1.0 and TLS 1.1 in addition to SSLv3.

What is the proper way to disable SSLv3 only?

Thanks,

Arnaud

This topic has been closed for replies.

H

hparmar

Adobe Employee

Yours is the correct way to disable SSLv3 in Adobe media server..Adobe media server uses rtmps prootcol too(which eventually consumes SSLCipher settings)

However note that Adobe media server also has apache installed into it...SO you might want to disable SSlv3 from Apache too(that is in case you have configured Apache to run https/SSL)...if you have configured apache to run https then you need to change SSLCiphers in the corresponding your httpd*.conf files too.

A

Arn-0Author

Known Participant

My issue is to keep TLS 1.0 working while disabling the SSLv3 protocol. In Apache I would remove SSLv3 from the SSLProtocol directive and keep SSLCipherSuite untouched. But AMS only seems to expose SSLCipherSuite.

H

hparmar

Adobe Employee

Ok...So if you have taken care of Apache then that is Great...And yes, above is the correct way to disable SSLv3 ciphers from list of handshake ciphers in AMS.

I do not think need SSLProtocol tag in AMS, just disable SSSLv3 from list of SSLCipherSuites and that should be good enough to get over \

SSL-Poodle CVE-2014-3566 issue that is doing rounds on internet.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded