• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2225
  • Last Modified:

How do I disable SSL Version 2.0? We have V5R4 running with IBM HTTP Server.

How do I disable SSL Version 2.0 on V5R4 running with IBM HTTP Server?

I see that CALL QSYS/QSOMAINT PARM(35 1)

Will allow me to view the enabled/disabled SSL versions, but how do I disable a version I no longer want to support?

Thanks & Best Regards!
0
adamsmw
Asked:
adamsmw
1 Solution
 
Gary PattersonVP Technology / Senior Consultant Commented:
IBM has an API that is not publicly documented that provides this capability in V5R3 and V5R4.

You have to request the API documentation from IBM directly, and an authorized officer from your company will have to sign a non-disclosure agreement.
 
Contact Angela Newton (amnewton@us.ibm.com) to get the instructions on how to restrict SSL Version 2.0 on a system running V5R3 and V5R4.  The LAAPI is not available for earlier versions, and is not needed in later versions (V6R1, for example, ship with the weak ciphers turned off by default).

Tell Angela that Gary Patterson sent you!  We just went through this issue with another customer.

- Gary Patterson
0
 
adamsmwAuthor Commented:
Thanks Much!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now