[c-nsp] Disabling SSL Version 2.0 on CSM with SSL (WS-X6066-SLB-S-K9)

Kevin Graham kgraham at industrial-marshmallow.com
Tue May 12 21:53:26 EDT 2009

> we are now required to disable SSL 2.0 on all SSL proxies.

> Looking at the command reference there does not seem to be an option to do this.

It's a trick question; SSLv2 isn't supported (at most, you can configure a
destination to shunt v2 traffic to):


> We have a number of CSMs with SSL model WS-X6066-SLB-S-K9 (IOS
> 12.2(18)SXE1 CSM 2.1(5))

Assuming this requirement came from a security review, hopefully the next
item of concern is upgrades for both of these...

More information about the cisco-nsp mailing list