Support Questions

geko · ‎03-02-2016

Hello,

due to security constraints I have to disable SSLv3 for all the Web-UIs available in the stack.

For Ambari/Ranger/Knox this isn't a problem at all, but I have no clue how to disable SSLv3 in Hue (used version is 2.6.1-2, yes, pretty old 😉 ).

Any hint highly appreciated.

Thanks, Gerd

geko · ‎03-07-2016

Solution found, and published here:

https://community.hortonworks.com/articles/21650/disable-sslv3-for-hue-v261.html

View solution in original post

alopresto · ‎03-03-2016

It appears Hue uses Django for the web server, which can either run with its own embedded server (recommended for dev/test only) and using Apache httpd (recommended for production). To disable SSLv2/v3 in Apache, you should use the following config line in each VirtualHost block in the httpd.conf or ssl.conf files:

SSLProtocol all -SSLv2 -SSLv3

geko · ‎03-07-2016

Hi @Andy LoPresto, many thanks for your reply.

Since we are not using apache-httpd for that, I applied the one-line-patch for disabling SSLv3 from the embedded webserver (see my answer). ...and on the long run I want to switch to AmbariViews anyways 😉

geko · ‎03-07-2016

Solution found, and published here:

https://community.hortonworks.com/articles/21650/disable-sslv3-for-hue-v261.html

Cloudera Community

Support Questions

how to disable SSLv3 in Hue ?