Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to disable TLS 1.0 support in Solaris
Special Forums Cybersecurity How to disable TLS 1.0 support in Solaris Post 302662419 by s ladd on Tuesday 26th of June 2012 01:49:47 PM
Old 06-26-2012
How to disable TLS 1.0 support in Solaris
Hey Guys,
I have a couple servers that are getting flagged by by our network security team. How do I disable TLS 1.0 protocol within Solaris? The vulnerability is :

CVE-2011-3389
TLS-SSL Server Blockwise Chosen-Boundary Browser Weakness
 

8 More Discussions You Might Find Interesting

1. Solaris

disable telnet on Solaris

All - would you please some one help me to disable telnet on Solaris? /etc/inetd.conf Thanks :confused: (11 Replies)
Discussion started by: March_2007
11 Replies

2. Solaris

Disable all the logs in Solaris

Hi Is there anyway to disable all logs/logging (lastlog, sulog, messages etc.) in Solaris 9&10? I know this is not recommended but i just want to know if this is possible. TIA Reddy (8 Replies)
Discussion started by: reddyr
8 Replies

3. Red Hat

SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable?

Hi all Expertise, I have following issue to solve, SSL / TLS Renegotiation DoS (low) 222.225.12.13 Ease of Exploitation Moderate Port 443/tcp Family Miscellaneous Following is the problem description:------------------ Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Discussion started by: manalisharmabe
2 Replies

4. Red Hat

HOW TO DISABLE SSL/TLS RENEGOTIATION?

Hi guys, Those who work on Apache may help me on this. I have following problem Description: The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the... (3 Replies)
Discussion started by: manalisharmabe
3 Replies

5. Solaris

Solaris 11 disable IPv6

I've new installed Solaris 11 on Sparc T4-1. I'd like to disable IPv6 but with no luck. lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 net0: flags=1000803<UP,BROADCAST,MULTICAST,IPv4> mtu 1500 index 2 inet... (6 Replies)
Discussion started by: samer.odeh
6 Replies

6. Solaris

How do I disable a core(or more) while boot up in Solaris 10?

Hi, I have 4 cores in my PC. I know how to disable a core using psradm -f command after boot up. But I want to disable while boot up (permanently). 1) I want only 1 core. How to disable all other cores while boot up? 2) I need to disable 2 cores. How to disable all other cores while boot... (5 Replies)
Discussion started by: sreejesh
5 Replies

7. Solaris

Can't disable CPU in Solaris

hello all i have an issue about a solaris V440 cpu, im logged in the Ok prompt i can't disable a CPU3, i can't see it in dev list, i see only the cpu3-bank0 to cpu-bank4 please help me to disable it thank youuu (3 Replies)
Discussion started by: walidadam
3 Replies

8. Solaris

How to configure CUPS on Solaris 11.3 - TLS and no TLS?

We are implementing CUPS on a new Solaris 11.3 system. The same system will run an application where users can print to networked printers inside our organisation, or to a printer outside of our organisation over the internet. For users printing to internal network printers, no encryption is... (0 Replies)
Discussion started by: SallyB
0 Replies

LEARN ABOUT V7

ssl_accept

SSL_accept(3SSL)						      OpenSSL							  SSL_accept(3SSL)

NAME

       SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake

SYNOPSIS

	#include <openssl/ssl.h>

	int SSL_accept(SSL *ssl);

DESCRIPTION

       SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake.  The communication channel must already have been set and
       assigned to the ssl by setting an underlying BIO.

NOTES

       The behaviour of SSL_accept() depends on the underlying BIO.

       If the underlying BIO is blocking, SSL_accept() will only return once the handshake has been finished or an error occurred, except for SGC
       (Server Gated Cryptography). For SGC, SSL_accept() may return with -1, but SSL_get_error() will yield SSL_ERROR_WANT_READ/WRITE and
       SSL_accept() should be called again.

       If the underlying BIO is non-blocking, SSL_accept() will also return when the underlying BIO could not satisfy the needs of SSL_accept() to
       continue the handshake, indicating the problem by the return value -1.  In this case a call to SSL_get_error() with the return value of
       SSL_accept() will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. The calling process then must repeat the call after taking appropriate
       action to satisfy the needs of SSL_accept().  The action depends on the underlying BIO. When using a non-blocking socket, nothing is to be
       done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into
       or retrieved out of the BIO before being able to continue.

RETURN VALUES

       The following return values can occur:

       1.  The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established.

       0   The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. Call
	   SSL_get_error() with the return value ret to find out the reason.

       <0  The TLS/SSL handshake was not successful because a fatal error occurred either at the protocol level or a connection failure occurred.
	   The shutdown was not clean. It can also occur of action is need to continue the operation for non-blocking BIOs. Call SSL_get_error()
	   with the return value ret to find out the reason.

SEE ALSO

       SSL_get_error(3), SSL_connect(3), SSL_shutdown(3), ssl(3), bio(3), SSL_set_connect_state(3), SSL_do_handshake(3), SSL_CTX_new(3)

1.0.1e								    2014-08-06							  SSL_accept(3SSL)
All times are GMT -4. The time now is 05:36 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy