I'm running an old version of xcat (2.6.9) and to resolve POODLE, I had added:
SSL_cipher_list=>'HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3', To the xcatd start_SSL perl code. From: Lissa Valletta [mailto:[email protected]] Sent: Thursday, October 30, 2014 10:15 AM To: xCAT Users Mailing list Subject: Re: [xcat-user] Force xCAT to only use TLS No there is no way to just use TLS, we use openssl to generate our credentials and secure our daemon to daemon communication. Can you not just disable sslV3 on the MN and service nodes, if you have them. disable SSLv3 in the HTTPD config: SSLProtocol All -SSLv2 -SSLv3 Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 [Inactive hide details for Phil Langerholc ---10/30/2014 09:48:32 AM---Hello, Is there a way to force xCAT to only use TLS vs]Phil Langerholc ---10/30/2014 09:48:32 AM---Hello, Is there a way to force xCAT to only use TLS vs sslV3? We have a From: Phil Langerholc <[email protected]<mailto:[email protected]>> To: xCAT User List <[email protected]<mailto:[email protected]>> Date: 10/30/2014 09:48 AM Subject: [xcat-user] Force xCAT to only use TLS ________________________________ Hello, Is there a way to force xCAT to only use TLS vs sslV3? We have a mandate to disable SSLV3 across the board due to POODLE and xCAT is being flagged. -- ---Phil ------------------------------------------------------------------------------ _______________________________________________ xCAT-user mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/xcat-user ---------------------------------------------------------------------- This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
------------------------------------------------------------------------------
_______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
