Thanks Hal, issue has been raised to the support for a while. I just try to find help any where I can. Hope someone from the community has done the fix.
TM ART uses Tomcat as its builtin web server and java container. You should google up "tomcat poodle fix" and go from there. I don't have a functional TM ART implementation in my current position so can't be more specific.
I have tried all I can, just cannot make it work. It supposes to have a server.xml file, but this is the BMC customized tomcat, the SSL port is not defined there.
It is not an SSL port you need to disable, it is the SSLv2 and SSLv3 protocols. So far as I recall, Tomcat isn't customized other than changing the default ports.
Does this article help? security - How do I disable SSLv3 in tomcat? - Ask Ubuntu
I'll see if I can find an old VM with TM ART when I have a chance.
Here is where the port is defined. C:\.....\Central\conf\execserver\SccExecServerBootConf.xml
<!--To be connectable from a proxy, the port needs to be 443. Set to 0, if no proxy is in use and 443 should remain unbound.-->
<!--The appserver will connect and send a Lease request every n/2 seconds-->
Here is the server.xml file
<Server port="19128" shutdown="SHUTDOWN">
<!-- Define the top level container in our container hierarchy -->
<Engine name="ExecServer" defaultHost="localhost">
<Host name="localhost" unpackWARs="true" autoDeploy="false" appBase="../../wwwroot"
I have no way to find the connector section to disable the SSLv3
With no installed copy of TM ART to examine, I'm at a loss on how to go further.
Stabs in the dark:
- Have you looked for other server.xml files in the TM ART ES install tree?
- Have you looked at other *.xml files for a possibly renamed server.xml file (not even sure this is possible as I'm not a Tomcat admin)
- Have you searched for sslProtocols and sslEnabledProtocols in every file in the TM ART install dir?
TM ART uses Tomcant standalone (without the Apache Web Server) so the config might be different than what Google is turning up for me.
There are 4 server.xml files for four servers. None of them has the sslProtocol keyword. The only sslProtocol keyword is show up in the manual, it is about to setup the ssl connect for the central server.