Poodle SSL V3 Protocol Vulnerability in CA CSM - CA Technologies
{{search ? 'Close':'Search'}}

Poodle SSL V3 Protocol Vulnerability in CA CSM

Important! Notification for CA Chorus Software Manager (CSM) users who have configured CSM to enable HTTPS access.
Note: Ignore this message if your CA CSM is not configured to enable HTTPS access.

Symptom: POODLE SSL V3 PROTOCOL VULNERABILITY.

Solution:
There is a vulnerability in HTTPS, this fix will basically disable HTTPS and only allow TLS. If you configured CA CSM to use HTTPS instead of HTTP for user access, either manually, by using a USS file to store certificates, or using an external security manager, follow the directions below:

  1. Generate a keystore or generate a digital certificate for Apache Tomcat
  2. Configure Apache Tomcat
    1. Go to tomcat/conf and open the server.xml file.
    2. Comment out or remove the line with the SSL connector variable
    3. Add following line into this section sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
  3. Start (or restart) Apache Tomcat
  4. Enable your browser to use TLS encryption
  5. Restart your browser
  6. Access the HTTPS URL

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing