Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Disable SSLV2 in Tomcat

Posted on 2009-06-29
8
Medium Priority
?
1,407 Views
Last Modified: 2012-05-07
I need to verify that SSLV2 is not enabled on our Tomcat web server. It is being hosted on a windows 2003 server.
0
Comment
Question by:heco
  • 6
  • 2
8 Comments
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24741528
Hi

I found this on

http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Microsoft_IIS/Q_22837110.html

Create a DWORD value in the following key named Enabled.  Set it to 0 (zero).  Reboot.


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server
0
 

Author Comment

by:heco
ID: 24741573
Thanks for the response. This appears to be for IIS, I need to know how to do it in Tomcat.
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24741627
Hi,  

the registry fix may simply disable SSLV2 on Win2k3

the registry key does not point to IIS Subkeys
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 

Author Comment

by:heco
ID: 24741634
Thanks, I will give it a shot and let you know!
0
 
LVL 9

Accepted Solution

by:
jfer0x01 earned 2000 total points
ID: 24741638
Hi,

according to

http://blog.techstacks.com/2008/09/securing-ssl-in-tomcat-part-one-sslv2.html

the author states that SSLv2 is disabled in newer versions of tomcat

and show a method with cURL to prove it
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24756023
any luck?
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24817546
any progress?
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24891049
Hi,

please award points or close question

Jfer
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question