Disable SSL versions 2 and 3
Overview
Due to recent security vulnerabilities within the Secure Socket Layers (SSL) protocol versions 2 and 3, the use of these protocols should not be permitted. Indeed, web servers are being reconfigured to not permit communications with SSL, but rather the newer and more secure TLS protocol. That said, there should not be any noticeable issues browsing to websites, unless an older web browser is used. If issues are observed and a new browser is used, please following the instructions below for the appropriate major web browser.
Steps
Internet Explorer
- From within Internet Explorer, click the “Tools” menu (upper right hand corner) and select “Internet Options”.
- Click the “Advanced” tab (Figure 1).
- Uncheck “Use SSL 2.0” and “Use SSL 3.0”
- Check “Use TLS 1.0”, “Use TLS 1.1”, and “Use TLS 1.2”.
- Click “OK”
Google Chrome
SSL version 2 and 3 are disabled by default in version 39 and later. Alternatively, you may complete the following:
- Right-click on the Google Chrome shortcut and select “Properties” (Figure 2).
- Click inside the “Target” box and scroll to the end of the line
- Type:
--ssl-version-min=tls1
- Click “OK”.
Mozilla Firefox
SSL version 2 and 3 are disabled by default in Firefox version 39 and later. Alternatively, you may complete the following:
- From within Firefox, type the following in the address bar:
about:config
- One the resulting “This might void your warranty” warning page, click “I’ll be careful, I promise!” (Figure 3).
- Locate and double-click the following setting (Figure 4):
security.tls.version.min
- Change the value to 1, if not already so.
- Click “OK” and restart Firefox.
Apple Safari (Mac OS X)
Apple has released Security Update 2014-005 for Mac OS Mountain Lion and higher to disable the appropriate settings. Please update Safari from the App Store.
What's Next
After completing these steps you will...