NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

Network and Storage Protocols

What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?

novice
13,736 Views

I got the following security violation notice on Netapp 8.2.2 (System Manager 3.1.3):

 

==============================================================

Description :
The remote service accepts connections encrypted using SSL 2.0 and/or
SSL 3.0. These versions of SSL are affected by several cryptographic
flaws, including:
- An insecure padding scheme with CBC ciphers.
- Insecure session renegotiation and resumption schemes.

...

Solution :
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.2 (with approved cipher suites) or higher instead.

==============================================================

 

What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?

Thank you.

1 ACCEPTED SOLUTION

darb0505
13,696 Views

Hi @novice ,

 

Here is a KB article that includes details to the security notice and how to disable SSL 2.0 and 3.0.

 

KB: How to disable SSLv2 and SSLv3 in Data ONTAP

 

Let us know if you have any questions regarding the steps to disable the SSL 2.0/3.0.  The KB includes steps for ONTAP 7-mode and cluster mode.

 

Thanks

Team NetApp

View solution in original post

1 REPLY 1

darb0505
13,697 Views

Hi @novice ,

 

Here is a KB article that includes details to the security notice and how to disable SSL 2.0 and 3.0.

 

KB: How to disable SSLv2 and SSLv3 in Data ONTAP

 

Let us know if you have any questions regarding the steps to disable the SSL 2.0/3.0.  The KB includes steps for ONTAP 7-mode and cluster mode.

 

Thanks

Team NetApp
Public