Secure the SnapCenter web server by disabling SSL 3.0

Contributors netapp-soumikd netapp-asubhas Download PDF of this page

For security purposes, you should disable Secure Socket Layer (SSL) 3.0 protocol in Microsoft IIS if it is enabled on your SnapCenter web server.

There are flaws in the SSL 3.0 protocol that an attacker can use to cause connection failures, or to perform man-in-the-middle attacks and observe the encryption traffic between your website and its visitors.

Steps

  1. To launch Registry Editor on the SnapCenter web server host, click Start > Run, and then enter regedit.

  2. In Registry Editor, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\.

    • If the Server key already exists:

      1. Select the Enabled DWORD, and then click Edit > Modify.

      2. Change the value to 0, and then click OK.

    • If the Server key does not exist:

      1. Click Edit > New > Key, and then name the key Server.

      2. With the new Server key selected, click Edit > New > DWORD.

      3. Name the new DWORD Enabled, and then enter 0 as the value.

  3. Close Registry Editor.