So the openjdk in most linux distros has now been upgraded to v1.8. This has a good bug fix regarding the whole SSLv3 Poodle vulnerability.
This has one problem. The Dell DRAC remote management cards installed in a lot of Dell servers relies on SSLv3 to operate. Without this, you can get into the web interface – but when you get an error stating Error when reading from SSL socket connection and no further.
drac-ssl-error
Thankfully, it is simple to re-enable SSLv3 to allow the connection to succeed.
Open up /usr/lib/jvm/*/jre/lib/security/java.security in your favourite editor as root, and change the following line:
jdk.tls.disabledAlgorithms=SSLv3
to
jdk.tls.disabledAlgorithms=
This enables SSLv3 to all java applications – however it exposes yourself to the MITM attack as defined in CVE-2014-3566. I suggest having a read of the CVE to understand if you want to leave this setting as default on your system or disable it again afterwards.
Frome:https://www.crc.id.au/2015/01/31/java-update-broke-the-dell-drac-5-remote-management-cards/
211
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
