Disabling SSLv3 for GoAnywhere Director Administrator

Post any question you may have in regards to GoAnywhere Director and let our talented support staff and other users assist you.
1 post Page 1 of 1


Support Specialist
Posts: 12
Joined: Thu Mar 05, 2009 10:20 am

Post by Support_Erick » Fri Oct 17, 2014 3:37 pm
Perform the following steps to disable SSLv3 support for the administrative interface of GoAnywhere Director. This process will mitigate the the exploit known as POODLE (or Padding Oracle On Downgraded Legacy Encryption) for HTTPS connections to the GoAnywhere Director administrator:
  1. Log in to the system where GoAnywhere Director is installed.
  2. Navigate to [INSTALL_DIR]/tomcat/conf where [INSTALL_DIR] is the installation directory of GoAnywhere Director.
  3. Edit the file server.xml
  4. Locate the <Connector /> element that is configured to support SSL.
  5. Add the attribute sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to the <Connector /> element like the following screenshot:
  6. Save the file and restart the GoAnywhere Director service/subsystem.
The availability of specific versions of SSL/TLS is dependent upon the JSSE provider used by the JVM. For example, the JSSE provider shipped with Oracle JRE 1.6.0 does not include support for TLS 1.1 and TLS 1.2, however Oracle JRE 1.7.0 does include support for TLS 1.1 and TLS 1.2. In order to take advantage of this enhanced security, you may need to configure GoAnywhere to run on an alternate JRE. Consult your JRE documentation for more information on the supported versions of TLS.
1 post Page 1 of 1