UCMDB Tip : Heartbleed documentation-Tomcat server.xml file configuration scenario
The Heartbleed documentation ( https://support.openview.hp.com/selfsolve/document/KM00863916 ) to secure Configuration Manager and UCMDB Browser states the following:
1. Go to <Browser Install Dir>/conf/server.xml.
2. Comment out below line in the file
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
3. Change HTTPS connectors configuration
from <Connector protocol="org.apache.coyote.http11.Http11AprProtocol" port="8443" .../> to
<Connector protocol="org.apache.coyote.http11.Http11Protocol" port="8443" .../>
4. Restart Tomcat.
5. Revoke the server certificates used in Tomcat.
However there could be scenario's where there may not be any Connector protocol sections (step 3) in user's server.xml files.
Could this lead their systems vulnerable to the Heartbleed bug?
According to R&D, Configuration Manager and UCMDB Browser are not affected by this vulnerability if they are configured Out-Of-The-Box (OOTB) or as configured according to the Hearbleed documentation.
The "Connector Protocol" sections are added by end users for SSL configuration.
If they do not exist then please ignore step 3 of the documentation.
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
Click the KUDOS star to say 'Thanks'