Poodle SSL V3 Protocol Vulnerability in CA CSM

Important! Notification for CA Chorus Software Manager (CSM) users who have configured CSM to enable HTTPS access.
Note: Ignore this message if your CA CSM is not configured to enable HTTPS access.


There is a vulnerability in HTTPS, this fix will basically disable HTTPS and only allow TLS. If you configured CA CSM to use HTTPS instead of HTTP for user access, either manually, by using a USS file to store certificates, or using an external security manager, follow the directions below:

  1. Generate a keystore or generate a digital certificate for Apache Tomcat
  2. Configure Apache Tomcat
    1. Go to tomcat/conf and open the server.xml file.
    2. Comment out or remove the line with the SSL connector variable
    3. Add following line into this section sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
  3. Start (or restart) Apache Tomcat
  4. Enable your browser to use TLS encryption
  5. Restart your browser
  6. Access the HTTPS URL

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile

  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.

    Rate Your Chat Experience.


agent is typing