For servers where HTTPS support has been enabled for the Columbus login and webadmin pages, its possible to disable SSLv3 encryption and leave only TLSv1 support enabled. To do that users must add a line to the server section of the /usr/local/PerkinElmerCTG/Columbus/webapp/server/config/nginx.tmpl file to specifiy ONLY the supported protocols. See the last line in the excerpt below as an example.
~~~~~~~~~~~~~~~~~~~~~
# https server for /login and /webadmin requests
server {
listen ${https_port} ssl;
ssl_certificate ${https_certificate};
ssl_certificate_key ${https_key};
# turn off SSL encryption
ssl_protocols TLSv1;
...
}
~~~~~~~~~~~~~~~~~~~~~
The Columbus service must be restarted after making the modifications.
$ sudo /etc/init.d/columbus restart
Note: Any modification will be overwritten during the next Columbus update.