About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Question & Answer
Question
How do I configure AIX to disable SSLv3, TLS 1.0, TLS 1.1 or other SSL features that are no longer considered secure?
Answer
The AIX base operating system uses OpenSSL 1.0.2, which does not provide a global configuration mechanism to enable or disable default cipher and protocol settings for applications. Instead, it is up to each application to allow users to configure the application to pass these configuration choices to the OpenSSL library via the SSL_CTX_set_cipher_options or SSL_set_cipher_options function calls.
Because configuration is done on a per-application basis, the methods and options will vary. Each application using OpenSSL must be identified and its documentation consulted to determine how to configure it to comply with environmental security requirements. Documentation on how to configure the programs which use OpenSSL that are part of the AIX base operating system may be found at http://www.ibm.com/support/docview.wss?uid=isg3T1025319.
IBM Java has its own SSL implementation and does not use OpenSSL. Documentation on how to configure it to disable older SSL functionality may be found at http://www-01.ibm.com/support/docview.wss?uid=isg3T1023713.
SUPPORT: If additional assistance is required after completing all of the instructions provided in this document, please follow the step-by-step instructions below to contact IBM to open a case for software under warranty or with an active and valid support contract. The technical support specialist assigned to your case will confirm that you have completed these steps. a. Document and/or take screen shots of all symptoms, errors, and/or messages that might have occurred b. Capture any logs or data relevant to the situation. c. Contact IBM to open a case: -For electronic support, please visit the IBM Support Community: d. Provide a good description of your issue and reference this technote e. Upload all of the details and data to your case -You can attach files to your case in the IBM Support Community http://www.ibm.com/support/docview.wss?uid=ibm10733581 f. Click here to submit feedback for this document. |
Related Information
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"Component":"","Platform":[{"code":"PF002","label":"AIX"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Was this topic helpful?
Document Information
Modified date:
11 June 2019
UID
ibm10875516
Manage My Notification Subscriptions