Skip to content

Go Anywhere 3.5.5 - WebClient Problem after poodle patch

Post any question you may have in regards to GoAnywhere Services and let our talented support staff and other users assist you.

Go Anywhere 3.5.5 - WebClient Problem after poodle patch

Post by Michael Hoppe »

Hi Everybody,

We have in our current goanywhere implementation some very strange problems with the enhanced Interface of the WebClient’s filebrowser.
So we receive the following error message when a user wants to start up the interface. This error message results in the failure of the enhanced interface.
enhanced Interface of the WebClient’s filebrowser
enhanced Interface of the WebClient’s filebrowser
error_message.png (17.14 KiB) Viewed 19301 times
That is the problem we face. But I guess for you guys it will also be interesting to understand the situation after which this error started to occure.
This error message troubles us since we installed the “anti” Poodle SSLv3 bugfix (GoAnywhere Services and POODLE Exploit CVE-2014-3566) from Linoma to our environment. Before this modification we had no issues with this problem.

The installation of the patch seems to be the cause of the problem but we currently have no idea what really is happening.

We did already some investigation on this error message and thought it might be caused by the fact ,that our companie'spredefined and not changeable Java version troubles us.
In our company we have as standard JRE 1.6.0_51 installed and configured.
Unfortunately just special users, which have enhanced permission on there workstations, have the possibility to install a newer version of java to their machines.
Having a higher version of Java installed, the error does not occur.

We as application team have no possibility to influence the standard workstation environment so we need the enhanced Interface to work even after the deactivation of SSLv3 with all possible java versions, including 1.6.0_51.

We searched the web and found out that java 1.6.0_XX has problems when the SSLv3 is deactivated, so we enabled it again within the Director and the Services. We thought that would solve the problem, but It didn’t. We didnt't remove the patch yet but enabled SSLv3 within the allowed SSL Types in the admin console of the https port.

Has anybody an idea what could cause this error to happen?? What can we do to get rid of this problem?

I also had a look at the Java consoles output, but didn’t see anything problematic on the first view.
(28.8 KiB) Downloaded 1385 times
Your help is highly appreciated and if i might have forgotten any important information for you, please let me know.