Environment
Reflection for the Web 2014 (All Editions)
Reflection for the Web 2008 (All Editions)
Reflection for the Web 2011 (All Editions)
Reflection Security Gateway 2014 (All Editions)
Reflection Security Gateway 2011
FileXpress Gateway
Reflection for the Web 2008 (All Editions)
Reflection for the Web 2011 (All Editions)
Reflection Security Gateway 2014 (All Editions)
Reflection Security Gateway 2011
FileXpress Gateway
Situation
Some Attachmate products run Java in a web browser (Java Applet and/or
Web Start) or from the command line. This technical note describes how
to disable SSL 3.0 in Java to mitigate the POODLE vulnerability.
Resolution
Disabling SSL 3.0 in Java Control Panel
To disable SSL 3.0 support when Java is run in a web browser:
- Open Java Control Panel.
Example: Start > Control Panel > Programs > Java (32-bit)
- Click the Advanced tab.
- Scroll down to Advanced Security Settings:
- Uncheck Use SSL 3.0.
- Check Use TLS 1.2 and Use TLS 1.1.
- Click OK.
Note: To disable SSL 3.0 support in Internet Explorer, see https://technet.microsoft.com/en-us/library/security/3009008.aspx.
Disabling SSL 3.0 on Command Line
To disable SSL 3.0 when running Java applications from shell or script commands, add the following command line option:
-Dhttps.protocols="TLSv1"
For example:
java -Dhttps.protocols="TLSv1" cfcc.Config