https://community.netapp.com/t5/Network-and-Storage-Protocols/What-is-the-way-to-disable-SSL-2-0-and-3-0-and-use-TLS-1-2/m-p/163346#M9505 <P>I got the following security violation notice on Netapp 8.2.2 (System Manager 3.1.3):</P><P>&nbsp;</P><P>==============================================================</P><P><SPAN>Description :</SPAN><BR /><SPAN>The remote service accepts connections encrypted using SSL 2.0 and/or</SPAN><BR /><SPAN>SSL 3.0. These versions of SSL are affected by several cryptographic</SPAN><BR /><SPAN>flaws, including:</SPAN><BR /><SPAN>- An insecure padding scheme with CBC ciphers.</SPAN><BR /><SPAN>- Insecure session renegotiation and resumption schemes.</SPAN></P><P><SPAN>...</SPAN></P><P><SPAN>Solution :<BR />Consult the application's documentation to disable SSL 2.0 and 3.0.<BR />Use TLS 1.2 (with approved cipher suites) or higher instead.</SPAN></P><P><SPAN>==============================================================</SPAN></P><P>&nbsp;</P><P><SPAN>What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?</SPAN></P><P><SPAN>Thank you.</SPAN></P> Wed, 04 Jun 2025 10:37:14 GMT novice 2025-06-04T10:37:14Z https://community.netapp.com/t5/Network-and-Storage-Protocols/What-is-the-way-to-disable-SSL-2-0-and-3-0-and-use-TLS-1-2/m-p/163346#M9505 <P>I got the following security violation notice on Netapp 8.2.2 (System Manager 3.1.3):</P><P>&nbsp;</P><P>==============================================================</P><P><SPAN>Description :</SPAN><BR /><SPAN>The remote service accepts connections encrypted using SSL 2.0 and/or</SPAN><BR /><SPAN>SSL 3.0. These versions of SSL are affected by several cryptographic</SPAN><BR /><SPAN>flaws, including:</SPAN><BR /><SPAN>- An insecure padding scheme with CBC ciphers.</SPAN><BR /><SPAN>- Insecure session renegotiation and resumption schemes.</SPAN></P><P><SPAN>...</SPAN></P><P><SPAN>Solution :<BR />Consult the application's documentation to disable SSL 2.0 and 3.0.<BR />Use TLS 1.2 (with approved cipher suites) or higher instead.</SPAN></P><P><SPAN>==============================================================</SPAN></P><P>&nbsp;</P><P><SPAN>What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?</SPAN></P><P><SPAN>Thank you.</SPAN></P> Wed, 04 Jun 2025 10:37:14 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/What-is-the-way-to-disable-SSL-2-0-and-3-0-and-use-TLS-1-2/m-p/163346#M9505 novice 2025-06-04T10:37:14Z https://community.netapp.com/t5/Network-and-Storage-Protocols/What-is-the-way-to-disable-SSL-2-0-and-3-0-and-use-TLS-1-2/m-p/163365#M9506 <P>Hi <a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/90007">@novice</a> ,</P><P>&nbsp;</P><P>Here is a KB article that includes details to the security notice and how to disable SSL 2.0 and 3.0.</P><P>&nbsp;</P><P>KB: <A href="https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_disable_SSLv2_and_SSLv3_in_Data_ONTAP_for_CVE-2016-0800_and_CVE-2014-3566" target="_self">How to disable SSLv2 and SSLv3 in Data ONTAP</A></P><P>&nbsp;</P><P>Let us know if you have any questions regarding the steps to disable the SSL 2.0/3.0.&nbsp; The KB includes steps for ONTAP 7-mode and cluster mode.</P><P>&nbsp;</P><P>Thanks</P> Wed, 27 Jan 2021 06:25:23 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/What-is-the-way-to-disable-SSL-2-0-and-3-0-and-use-TLS-1-2/m-p/163365#M9506 darb0505 2021-01-27T06:25:23Z