[
https://issues.apache.org/jira/browse/DIRSERVER-2020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14215798#comment-14215798
]
Kiran Ayyagari commented on DIRSERVER-2020:
-------------------------------------------
Initializing the SslContext with TLSv1 didn't work, looks like this must be
fixed in MINA where the SocketFactory is controlled.
And the relevant [CVE from
Oracle|http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html]
> Poodle remediation for ApacheDS 2.X
> -----------------------------------
>
> Key: DIRSERVER-2020
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2020
> Project: Directory ApacheDS
> Issue Type: Task
> Components: ldap
> Affects Versions: 2.0.0-M10
> Environment: Production
> Reporter: RakeshAcharya
> Priority: Critical
> Labels: patch
>
> How do we disable SSlv3 protocol for apache DS 2.X ?
> As part of poodle remediation we need to disable SSL v3 ASAP in production
> boxes as the scan showed its vulnerable.
> I cant find any configuration pertaining to the same which I could change .
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
