Views:

Summary



Perform the following procedure to disable TLS and enable SSLv3 in your ECX environment.

Resolution



The following steps require root access to the ECX/DPX Reporter virtual appliance. Contact Catalogic Software Data Protection Technical Support to obtain your root password and for information about accessing the ECX virtual appliance command prompt

Note: The DPX Reports plugin for ECX will be used as an example in this procedure.

  1. Edit the file /usr/java/latest/jre/lib/security/java.security by logging in to the appliance as root. Contact Catalogic Software Data Protection Technical Support to obtain your root password and for information about accessing the ECX virtual appliance command prompt.
  2. Edit the values of the Disabled Algorithms parameter from the following:
  3. jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
  4. to
  5. jdk.tls.disabledAlgorithms=MD5, DSA, RSA keySize < 2048
  6. Restart Virgo on the appliance through the following commands:
  7. service virgo stop
  8. service virgo start

Alternatively, you can remove SSLv3 from the list of disabled algorithms through the following command:

sed -i.bak "s#jdk.tls.disabledAlgorithms=SSLv3#jdk.tls.disabledAlgorithms=#g" /usr/java/latest/jre/lib/security/java.security