10-16-2014 04:26 AM
Since Aruba Instant was also affected by the latest SSL vurnability, I was trying to find out how to force it to only accept TLS as in Aruba OS.
I was, however, unable to find any information regarding the command to use.
Does anyone know?
Solved! Go to Solution.
10-16-2014 05:52 AM
More info on this:
All modern browsers support TLSv1 at a minimum, and most also support TLSv1.1 and TLSv1.2.
We recommend disabling SSLv3 support in the browser.
As long as one side of the connection refuses to support SSLv3, the attack will be unsuccessful.
If you have a controller, executing the following command from the controller CLI will enable only TLSv1:
(config) #web-server ssl-protocol tlsv1
For our official response, see here:
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
10-16-2014 06:54 AM
Yes, I´ve disabled it in my browsers a long time ago. But for those unfamiliar with the issues, I wanted to have some guarentees.
Thanks for the information but I´ve already seen it and are familier with the proceedure to disable support for SSL v3 in ArubaOS.