[c-nsp] Disabling SSL Version 2.0 on CSM with SSL (WS-X6066-SLB-S-K9)
Kevin Graham
kgraham at industrial-marshmallow.com
Tue May 12 21:53:26 EDT 2009
> we are now required to disable SSL 2.0 on all SSL proxies.
>
> Looking at the command reference there does not seem to be an option to do this.
It's a trick question; SSLv2 isn't supported (at most, you can configure a
destination to shunt v2 traffic to):
http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/csms/2.1.1/configuration/guide/ssl_srvc.html#wp1051979
> We have a number of CSMs with SSL model WS-X6066-SLB-S-K9 (IOS
> 12.2(18)SXE1 CSM 2.1(5))
Assuming this requirement came from a security review, hopefully the next
item of concern is upgrades for both of these...
More information about the cisco-nsp
mailing list