Network and Storage Protocols

What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?

novice

I got the following security violation notice on Netapp 8.2.2 (System Manager 3.1.3):

 

==============================================================

Description :
The remote service accepts connections encrypted using SSL 2.0 and/or
SSL 3.0. These versions of SSL are affected by several cryptographic
flaws, including:
- An insecure padding scheme with CBC ciphers.
- Insecure session renegotiation and resumption schemes.

...

Solution :
Consult the application's documentation to disable SSL 2.0 and 3.0.
Use TLS 1.2 (with approved cipher suites) or higher instead.

==============================================================

 

What is the way to disable SSL 2.0 and 3.0 and use TLS 1.2?

Thank you.

1 ACCEPTED SOLUTION

darb0505

Hi @novice ,

 

Here is a KB article that includes details to the security notice and how to disable SSL 2.0 and 3.0.

 

KB: How to disable SSLv2 and SSLv3 in Data ONTAP

 

Let us know if you have any questions regarding the steps to disable the SSL 2.0/3.0.  The KB includes steps for ONTAP 7-mode and cluster mode.

 

Thanks

Team NetApp

View solution in original post

1 REPLY 1

darb0505

Hi @novice ,

 

Here is a KB article that includes details to the security notice and how to disable SSL 2.0 and 3.0.

 

KB: How to disable SSLv2 and SSLv3 in Data ONTAP

 

Let us know if you have any questions regarding the steps to disable the SSL 2.0/3.0.  The KB includes steps for ONTAP 7-mode and cluster mode.

 

Thanks

Team NetApp

View solution in original post

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public