Go to main content

Oracle^® SuperCluster M8 and SuperCluster M7 Security Guide

Exit Print View

» ...Documentation Home » Oracle SuperCluster M8 and SuperCluster M7 ... » Oracle^® SuperCluster M8 and ... » Securing Oracle ILOM » Hardening the Oracle ILOM Security Configuration » Disable Unapproved Protocols » Disable the SSLv2 Protocol for HTTPS

Updated: June 2020

Oracle^® SuperCluster M8 and SuperCluster M7 Security Guide

Document Information

Using This Documentation

Understanding Security Principles

Reviewing the Default Security Configuration

Securing the Hardware

Securing Oracle ILOM

Log in to the Oracle ILOM CLI

Determine the Oracle ILOM Version

(If Required) Enable FIPS-140 Compliant Operation (Oracle ILOM)

Default Exposed Network Services (Oracle ILOM)

Hardening the Oracle ILOM Security Configuration

Disable Unnecessary Services (Oracle ILOM)

Configure HTTP Redirection to HTTPS (Oracle ILOM)

Disable Unapproved Protocols

Disable the SSLv2 Protocol for HTTPS

Disable the SSLv3 Protocol for HTTPS

Disable Unapproved TLS Protocols for HTTPS

Disable SSL Weak and Medium-Strength Ciphers for HTTPS

Disable Unapproved SNMP Protocols (Oracle ILOM)

Configure SNMP v1 and v2c Community Strings (Oracle ILOM)

Replace Default Self-Signed Certificates (Oracle ILOM)

Configure Administrative Browser Interface Inactivity Timeout

Configure the Administrative Interface Timeout (Oracle ILOM CLI)

Configure Login Warning Banners (Oracle ILOM)

Additional Oracle ILOM Resources

Securing the Compute Servers

Securing the ZFS Storage Appliance

Securing the Exadata Storage Servers

Securing the IB and Ethernet Switches

Auditing for Compliance

Keeping SuperCluster M8 and SuperCluster M7 Systems Secure

Language:

Disable the SSLv2 Protocol for HTTPS

By default, the SSLv2 protocol is disabled for the HTTPS service.

For security purposes it is very important that SSLv2 is disabled.

On the management network, log in to Oracle ILOM.
See Log in to the Oracle ILOM CLI.

Determine if the SSLv2 protocol is disabled for the HTTP service.
```
-> show /SP/services/https sslv2
/SP/services/https
Properties:
sslv2 = disabled
```

If the service is enabled, disable the SSLv2 protocol.
```
-> set /SP/services/https sslv2=disabled
```

Verify the setting by repeating Step 2.

Copyright © 2020, Oracle and/or its affiliates.