Disabling SSL open domain server. How?

Hi all,
Can anybody elicidate to me how I can disable the SLL on a Open Domain OSX server?
In
http://support.apple.com/kb/HT5300
it is explained that you have to disable SSL prior to updating OSX from Mountain Lion with OSX server 2.2 to OSX MAvericks with server 3.
Any help is highly appreciated. Thanks already

Hi UptimeJeff,
Thanks for the reply.
I have rolled back three times from Mavericks to Mountain Lion server and will now stay there for some month until the quirks are ironed out. Mavericks OSX server is just to cumbersome right now.
So no email log to check at the moment.
But the email archives were not too big and the server had a full good night to do that.
The problem was strictly that server 3 app does not open after download and install and therefore does not let me finish configuration of the server.
Thanks anyway.

Similar Messages

  • Apple Mail 8.2 disables SSL to POP3 server (Securityrisk)

    Hi,
    Setup
    Computer:
    OSX 10.10.2
    Mail 8.2 (2070.6)
    Mail server A
    POP3 port 995 SSL
    (Non SSL - port 110 -  is disabled due to security reasons)
    Mail server B
    POP3 port 110
    POP3 port 995 SSL
    Summary
    OSX Mail client removes SSL support on non regular intervals for POP3 connections. For the connections that support regular non SSL POP3 (port 110) this reduces the security, but the mail is available. This was noticed by me because one ISP has locked down their POP3 server to SSL only due to security reasons. After reenabling SSL on the connection (Mail -> Preferences -> Accounts -> Account in question -> Advanced) the connection remains with SSL support for a while, then it is removed again. As OS X Mail has no token to identify SSL or regular port 110 connection this is transparant to the user, unless the server does not support regular POP3, at which time a error is generated.
    Comments
    1) This seems to be a security related issue with mail where OS X mail downgrades from SSL connection to regular port 110 POP3 traffic
    2) If corrected the connection is downgraded again within a couple of days, if not sooner.
    3) Connections to POP3 servers supporting port 110 are "unaffected" with the exception of the security issue of a downgrade
    4) Connections to POP3 servers that only support SSL - port 995 - are not able to complete until SSL has been reenabled manualy.
    5) Downgrade bug has been seen only on my machine, so it might not be something mainstream. Machine is updated to latest patches.
    Questions
    1) As this has only been observed on my machine, has anybody else seen this POP3 SSL downgrade bug?

    Same problem. The following information is from Symantec:
    To disable SSL\TLS
    Open Apple Mail.
    Click the Mail menu and select Preferences.
    Select your mail account on the left under Accounts, then click the Advanced tab.
    Confirm the check box labeled "use SSL" is not checked next to ports. If necessary remove the checkmark.
    Click the Account Information tab and select Edit Server list from the drop down next to Outgoing Mail Server.
    Click the Advanced tab and confirm there is not a checkmark next to Use Secure Socket Layer(SSL).
    Click OK and close the accounts. Window and choose to save.
    Click Save to update your settings.
    Restart Apple Mail.
    This does work for a while but eventually Mail reverts to enabling Use SSL and disabling Allow Insecure Authentication but only one some of my addresses but not all. Some accounts POP logs-in but not SMTP.

  • I have been denied access to two of my marketing partner websites due to an "Open Proxy Server" How do I correct this problem

    How do I correct an open proxy server?

    First of all, where are you having the problem? Is this at home, or at work? Many times, the internet at work offices will use an open proxy server to limit connections/bandwidth/websites, etc. If you have this problem at home, you need to check to see if your router has a proxy, and either remove it, or configure it in Firefox.

  • How to disable SSL v3 for sun os 5.6 (OAS 4.0.8), I am facing POODLE vulnerability issue?

    my Website is hosted on Sun OS 5.06 (OAS 4.0.8) and using web server : Oracle_Web_Listener/4.0.8. Website is configured to use https for secure pages and it was working fine from last 10 years but suddenly i am getting complaints from my customers that they can not browse site on chrome version 40 and above and firefox 34 and above.
    I searched for this issue and found that there is POODLE attack which may causing this issue. now the only solution i can see is to disable SSL v3 on server.
    Can any help me out with the process or an idea, How to disable SSL V3 on this Olde server? its sun microsystem server.

    Hi Aamir,
       This is old software, been a while since I saw one of these.
        Normally when SSL was setup there were two listeners, one with SSL and one without, in a different port, so you could try to find this second port, which may work without any need to change the configuration.
        Else, try to check on the OAS manager (Usually on port 8888), the HTTP listener -> WWW -> Network, if there is a setup only for the SSL port, you will need to add a new line, with the same configuration, but a different port and the security disabled.
        Also, there may be some setting on the application itself for the url path. If so, when you navigate in the application it will try to redirect you back to the SSL port. In that case you will need to figure out where to change that, which depend on the application itself.
       Found this page on google with the process to setup SSL on OAS 4.0, you need to do the inverse of step 5.
    WoSign Support: SSL Certificates Installation Instruction - Oracle Web Server (OAS 4.0.8)
    Regards,
    Luis

  • What should be done in certmap.conf for 2-way SSL support from a standalone Java application to an SSL enabled LDAP Server

    To support certficate based client authentication using 2-way SSL from a standalone java application which uses JNDI and JSSE1.0.2 to connect to an SSL enabled LDAP Server how do we configure the certmap.conf?Is there any additional setup required at the LDAP Server side apart from enablinf SSL with the option"Required Client Authentication" enabled.The 2 way SSL handshake goes through but the access log file (After configuring the certmap.conf for the issuer DN of the client certficate etc..)shows SSL failed to LDAP DN?But inspite of this access log error the Java client does get an SSL Connection object with which it is able to connect to the LDAP.IS the certmap.conf file being looked up by the LDAP Server at all?

    have you out.flush() and out.close() before you call connection.getInputStream()?

  • How do you disable SSL\ CBC Ciphers and Weak Algorythms in Windows Server 2003

    Hello, and please accept my humble thanks in advance.The problem that I'm having is the protocols listed below must be disabled on my Windows 2003 (IIS) Servers before we can pass a PCI audit. Now I've taken care of all of this on Windows 2008R2, but not
    without days and nights of searching the internet for information that is not only clear to understand but accurate, however, I'm not having much luck with 2003.
    Vulnerabilities:
    SSL Server Supports CBC Ciphers for SSLv3
    SSL Server Supports CBC Ciphers for TLSv1
    SSL Server Supports RC4 Ciphers for SSLv3
    SSL Server Supports RC4 Ciphers for TLSv1
    SSL Server Supports Weak MAC Algorithms for SSLv3
    SSL Server Supports Weak MAC Algorithms for TLSv1
    Here's what I've tried, I've done the registry edit as follows, it did not work;
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]
    "EventLogging"=dword:00000001
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128/128]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168/168]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\MD5]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
    "Enabled"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
    Here's what I've tried, I've installed the Microsoft Security Bulletin MS12-006 - Important Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584), it did not work for those issues but it did close the SSLv2.0 problem.
    Is there ANY reason why the registry edit would not work?
    Again, thank you.
    Don
    Also,
    Has anyone seen or used this Hotfix... what is it and how would it relate to this issue.
    An update is available to adds support for the TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA and the TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA AES cipher suites in Windows Server 2003
    http://support.microsoft.com/kb/948963

    Hi,
    Hope we could find helpful information in the below KB:
    How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll
    http://support.microsoft.com/kb/245030
    Please go through it.
    TechNet Subscriber Support
    If you are
    TechNet Subscription
    user and have any feedback on our support quality, please send your feedback
    here.
    Regards, Yan Li

  • How do I close an open DNS Server

    I have received an email from my internet provider stating I have an open DNS Server and my network has been used to attack other networks (DOS) Denial of service. I can't figure out how to secure my network. or close the open DNS server.

    You should at least update your Mac to 10.6.8 although I am not sure there are any particular security issues that would be there.
    Of course running later OS is always better.. as the latest security updates are implemented in the most recent OS.. but I am not sure one follows the other as some weaknesses are introduced as well in later OS. Any security updates should certainly be installed.
    The main point is what modem and what router do you have?
    There are a number of these notices being sent to users with apple routers which are hard to believe can be involved. It is more likely the ISP equipment. But we cannot really help you with exact details of your network .. or any more precise details the ISP has given you.
    Ring up and talk to their technical help dept. and ask for their help. Even if they won't help you fix apple router.. put the modem in router mode or buy a new modem with router mode and change the apple router to bridge.. then the issue is not caused by you and the ISP can remotely adjust their own box.

  • How to disable sslv2 on windows server 2008 r2

    we are getting alerts from our third party application regarding the vulnerability error in our doamin.they mentiojn the following  vulnerability message
    Abp

    https://www.sslshopper.com/article-how-to-disable-ssl-2.0-in-iis-7.html
    Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

  • How to disable an "open for editing" option in word/excel viewers

    Hi All.  It's my first post on here so please be gentle! ;-)
    We have a situation on an RDS server whereby the majority of the users simply need Excel Viewer to review reports generated from an application, with only a very small number of users that actually need to amend and save these reports within Excel 2013 i.e.
    a version of Excel that we need a license for.
    There is an option within Excel Viewer that says "Open for editing" and unfortunately, because we also have Excel installed on the server this allows them to launch the Excel 2013 application i.e. full-blown Excel.
    Is there a way that I can disable this menu item, or can anyone suggest a way that I can stop users from launching Excel 2013?  I suspect that I can use AppLocker to prevent them calling on the excel.exe, but I was rather hoping that there was a more
    elegant way i.e. to simply disable the menu item in Excel Viewer.
    Any help / suggestions would be greatly appreciated.

    It may be difficult for us to disable the "Open for Editing" option in Excel Viewer. 
    If you want to allow only view access to certain files, you should consider controlling access to the file location with network security. Grant the "view only" users with Read-only permission to access the document file location.

  • How setup browser laces import Bookmarks HTML security disable button open Device Manager security warni vewing mixed

    how to alter these settings?
    1.browser laces import Bookmarks HTML?
    2.security disable button open Device Manager?
    3.security warni vewing mixed?

    We didn't get a reply from you.  I just wanted to try and follow up before I close this out. 
    I'd like to know if the issue went away, and/or if you could confirm whether it's Firefox specific or happening in all browsers.

  • When connecting to a previously opened server, how do I change to a "registered user" from formerly used "guest?"

    During my attempt to transfer my PC contents to my Mac using an ethernet cable, I typed my PC name in to the server address space (under connect to server).  I did not understand that the sign-in info for "registered user" was supposed to be my PC sign-in info.  I was trying to use my MAC info, which didn't work, so I just signed in as a guest.  All the files are useless, I think because I signed in as a guest.  So I would like to sign in as a "registered user," now that I know I need to use my PC sign-in info.  However, now the mac has it in its system and won't give me the option.  Does anyone know how I can get a second chance to do this?
    Thanks, Sharky

    Server Admin 10.6 Help: Changing the Password Type to Open Directory
    Server Admin 10.6 Help: Changing a User’s Password
    Server Admin 10.6 Help: About Password Types
    Server Admin 10.6 Help: If You Must Reset an Administrator Password
    Server Admin 10.6 Help: If You Can’t Change a User’s Open Directory Password
    Server Admin 10.6 Help: Changing the Password Used for Authenticating an LDAP Connection
    Server Admin 10.6 Help: Specifying User Name and Password

  • How to disable automatic opening of previously viewed items in Preview or TextEdit in Max OSX Lion?

    How to disable automatic opening of previously viewed items in Preview or TextEdit in Max OSX Lion? It was no such issue on Snow Leopard OS.
    Please help

    This is a new behavior introduced in Lion.  You can disable it completely via System Preferences, General: uncheck the "Restore windows..." box toward the bottom. 
    You can disable this behavior on a case by case basis by either closing all windows before quitting, or holding the option key while quitting, or holding the shift key while launching from dock.
    charlie

  • I am trying to publish a web site using my own domain. How do I transfer my host to mac from another server?

    I am trying to publish a web site using my own domain. How do I transfer my host to mac from another server?

    I've created a CNAME entry to redirect the domain to apple but the site is still not live! Can anyone help please?
    Did you also do what is required in the .Mac account settings?
    http://help.apple.com/mac2/1/help/member/pgs2/memfmsetgen367.html
    Could you provide your urls?

  • How do i disable the open/save image dialog box in firefox? I want to directly save the image file to the drive.

    How do i disable the open/save image dialog box in firefox? I want to directly save the image file to the drive without clicking on save option everytime when saving an image. I'm using firefox ver 35.0.1 for windows 7.

    Click on the Firefox menu. Then click "Options". Go to "Applications" tab. Search for jpg and png file type. You will find they have "Always ask" action attribute. Change it to "Save file".
    Hope it will work fine for you.

  • How to detect whether browser's java script  disabled or not from server

    How to detect whether browser's java script disabled or not from server side

    I would use a hidden parameter created by a javascript. if this is null, javascript is disabled...

Maybe you are looking for

  • Migrate an ADF application to weblogic 11g

    Hi, I'm trying to migrate a 10g ADF application deployed in OC4J to 11g using the migration tool of JDeveloper. After some changes in code to adapt to the new api i have an error in libraries while trying to deploy in embeded weblogic. <30 Ιουν 2010

  • Blog summary weirdness

    okay this is nutty. I've got 3 blogs on a site. published them to a mobile me account. one is just fine, but on the other two, the links in the blog summary are all dead. however if you go the archive. the links are fine. and all other links are fine

  • Adobe 8.1.2

    I am running WXP and was recently notified by Adobe, and downloaded, Adobe 8.1.2, to replace an earlier version. I just received, via the Internet, a PDF in Adobe 7.0. In the past, when I clicked on this sort of attachment, I recall that it would aut

  • I forgot my administrator password

    please help me to restore my password on my iMac

  • Interactive PDF into InD 5.5 then back to PDF

    For InDesign 5.5, I have an interactive PDF (not movie, user can interact using Acrobat Reader) that I want to place into a new InDesign document then add text (using InDesign) and finally PDF the InDesign document that still retains the capabilities