907532 – Add support for SSLv3 when Apache is not used as proxy

Bug 907532 - Add support for SSLv3 when Apache is not used as proxy

Summary: Add support for SSLv3 when Apache is not used as proxy

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-setup
Sub Component:
Version:	3.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	---
Target Release:	3.1.3
Assignee:	Juan Hernández
QA Contact:	Pavel Stehlik
Docs Contact:
URL:
Whiteboard:	integration
Depends On:	893979
Blocks:
TreeView+	depends on / blocked

Reported:	2013-02-04 16:13 UTC by Idith Tal-Kohen
Modified:	2013-11-27 23:59 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Previously, if Apache was not used as the proxy for the application server, the HTTPS connector would only configure TLSv1 protocol. Connections to the application server using SSLv3 protocol would fail. Now, SSLv3 is supported and can be used to connect to the application server.
Clone Of:	893979
Environment:
Last Closed:	2013-03-12 14:29:15 UTC
oVirt Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0557	0	normal	SHIPPED_LIVE	rhevm 3.1.3 bug fix update	2013-03-12 18:26:15 UTC
oVirt gerrit	10858	0	None	None	None	Never

Comment 2 Juan Hernández 2013-02-11 16:26:36 UTC

Note that the option to disable TLSv1 isn't -no_tlsv1 but -no_tls1 (without the v). Check the s_client manual page for details. So the complete command to do the test should be like this:

  openssl s_client -connect f17.example.com:8701 -no_tls1

Comment 5 errata-xmlrpc 2013-03-12 14:29:15 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0557.html

Note You need to log in before you can comment on or make changes to this bug.