due to security constraints I have to disable SSLv3 for all the Web-UIs available in the stack.
For Ambari/Ranger/Knox this isn't a problem at all, but I have no clue how to disable SSLv3 in Hue (used version is 2.6.1-2, yes, pretty old 😉 ).
Any hint highly appreciated.
It appears Hue uses Django for the web server, which can either run with its own embedded server (recommended for dev/test only) and using Apache httpd (recommended for production). To disable SSLv2/v3 in Apache, you should use the following config line in each
VirtualHost block in the
SSLProtocol all -SSLv2 -SSLv3
Hi @Andy LoPresto, many thanks for your reply.
Since we are not using apache-httpd for that, I applied the one-line-patch for disabling SSLv3 from the embedded webserver (see my answer). ...and on the long run I want to switch to AmbariViews anyways 😉