Print this page

Accessing Identity Connect with SSL v3.0 disabled in browser

Knowledge Article Number 000206225
Description

This article explains how to access Identity Connect (admin/console pages) with SSL v3.0 disabled in browser.
Fix applicable for 
 Identity Connect 1.0.4

 

Resolution In the wake of  recent SSL 3.0 Security Advisory (aka "Poodle Attack"), we can  globally disable SSLv3 for all Identity Connect clients by replacing the existing jetty.xml file in $IC_HOME/conf with the file attached ( backup original file ). This will disable SSLv3 for Identity Connect's embedded jetty container. If modifications were made  to Identity Connect's default jetty.xml file, these customizations will need to be added to the attached file. 
Please test this file in a QA environment before deploying to production.




Attachments
Name Type Size
jetty.xml
2KB

promote demote