Table of ContentsLibraryView in Frames

Enabling or disabling SSLv2 or SSLv3

If your storage system has the SSL protocol enabled, you can specify the SSL version(s) to use.

About this task

Enabling the SSL versions alone does not enable the SSL protocol for the storage system. To use SSL, ensure that the protocol is enabled on your storage system.

SSLv3 is recommended over SSLv2 because SSLv3 offers better security protection than SSLv2. You can leave both SSL versions enabled, or you can disable one of them. In addition to enabling the SSL protocol, you must also have at least one SSL version enabled for the storage system to use SSL for communication.

Step

  1. Enter the following command to enable or disable SSLv2 or SSLv3:
    To enable or disable this SSL version:           Enter the following command:
    SSLv2 options ssl.v2.enable {on|off}
    SSLv3 options ssl.v3.enable {on|off}

    Setting the option to on (the default) enables the SSL version on HTTPS and LDAP connections, if the following options are also set to on:
    • httpd.admin.ssl.enable (for HTTPS)
    • ldap.ssl.enable (for LDAP)

    Setting the option to off disables the SSL version on HTTPS and LDAP connections.

    For more information about these options, see the na_options(1) man page.

    For more information about LDAP, see the Data ONTAP 7-Mode File Access and Protocols Management Guide.

Related tasks
Setting up and starting SSL