Description of problem: Per https://access.redhat.com/articles/1232123 httpd configuration should disable the SSLv3 protocol.
https://github.com/openshift/origin-server/pull/5872
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/77a0deb928071bac235dff804bbf506a9113e151 Bug 1153313: Disable SSLv3 Bug 1153313 - Disable SSLv3 to mitigate POODLE CVE-2014-3566 https://bugzilla.redhat.com/show_bug.cgi?id=1153313
Note this is Origin. I fully expect that Online devenvs control this configuration some other way.
SSLv3 is disabled on online and origin. Mark this as verified.
Commit pushed to master at https://github.com/openshift/li https://github.com/openshift/li/commit/447b45d70987c60d5889d29ec59c9acbfd75ac2e Bug 1153313 - Disable SSLv3 Probably irrelevant for online where confs come out of puppet, but best to have devenvs match origin.