Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1185612

Summary: override SSL protocol to TLSv1
Product: Red Hat Enterprise Virtualization Manager Reporter: rhev-integ
Component: ovirt-engineAssignee: Oved Ourfali <oourfali>
Status: CLOSED ERRATA QA Contact: Jiri Belka <jbelka>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.5.0CC: ecohen, eedri, gklein, iheim, jbelka, juwu, lpeer, lsurette, pstehlik, rbalakri, Rhev-m-bugs, yeylon, ylavi
Target Milestone: ---Keywords: ZStream
Target Release: 3.5.0-1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: org.ovirt.engine-root-3.5.0-31 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1185430 Environment:
Last Closed: 2015-02-16 14:50:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1185430    
Bug Blocks:    

Comment 1 Eyal Edri 2015-01-27 08:20:18 UTC 
patch was merged, moving to modified.
Comment 3 Jiri Belka 2015-02-03 14:13:16 UTC 
ok rhevm-3.5.0-0.31.el6ev.noarch

checked with wireshark...

[root@jb-rhevm35 tmp]# sed -n '1018,+4p' /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql 
-- Override existing configuration to TLSv1 if it is SSLv3
select fn_db_update_default_config_value('VdsmSSLProtocol','SSLv3','TLSv1','general', false);
select fn_db_update_default_config_value('ExternalCommunicationProtocol','SSLv3','TLSv1','general', false);


[root@jb-rhevm35 tmp]# rpm -q rhevm-dbscripts
rhevm-dbscripts-3.5.0-0.31.el6ev.noarch

engine=# select option_value from vdc_options where option_name ilike 'VdsmSSL%' or option_name ilike 'ExternalCommu%';
 option_value 
--------------
 TLSv1
 TLSv1
(2 rows)
Comment 5 errata-xmlrpc 2015-02-16 14:50:58 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0230.html