Sunday, February 1, 2015

Fix for More TLS POODLE Troubles

If you're running IHS in front of your Domino servers you'll probably want to apply this setting to prevent against the latest POODLE attack which now also affects TLS (the last time we did this it only affected SSLv3).

Edit your Domino.conf file and add these lines inside your SSL configuration:

    # Enable strict CBC padding
    SSLAttributeSet 471 1 



The information can be found here:
http://www-01.ibm.com/support/docview.wss?uid=swg21692502