Skip to main content
NetApp adopts Microsoft’s Business-to-Customer (B2C) Identity Management
Effective December 3 - NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources. For accounts that did not pre-register (prior to Dec 3) access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity. To learn more, Read the FAQ and Watch the video. Need assistance? Complete this form and select “Registration Issue” as the Feedback Category. 
NetApp Knowledge Base

How to disable SSLv2 and SSLv3 in SnapManager for SharePoint

Last Updated:


Applies to

SnapManager for Microsoft SharePoint Ser 


Perform the following steps to disable SSL versions 2 and 3 for use by SnapManager for SharePoint (SMSP) to remove exposure to CVE-2014-3566, also known as POODLE.

How does CVE-2014-3566 affect SMSP?

The ideal candidate for this threat is content being accessed over public Wi-Fi or insecure networks. In this case, a man-in-the-middle attack is a potential risk, since communications over SSL between an end-user and software could expose user credentials, passwords, and other information. While this issue is not fundamentally with SMSP, it leverages Microsoft technology such as Internet Information Services (IIS) server and Microsoft Windows security provider which have SSLv3 and TLS enabled by default. The SMSP Manager-Agent or Agent-Agent communication will always negotiate communications over TLSv1 or later.


 Take the following precautionary measures to remove exposure to CVE-2014-3566:

  Note: SMSP Agents always communicate over TLS and are not subject to this vulnerability.

  • As an end-user, update Internet Explorer (IE) browser settings to disable SSL:
    1. Launch Internet Options from the Start Menu
    2. Click the Advanced tab
    3. Uncheck Use SSL 2.0 and Use SSL 3.0


How to disable SSL in SMOSS V6.x or earlier legacy software

For the Apache/Tomcat based platforms, modify the Tomcat settings on the SMOSS Manager server following these steps:

  1. Use the service management tool to 'stop' the Web Service.
  2. Edit the 'server.xml' document in the …\ZeusWeb\conf folder.
  3. Find the 'sslProtocol' flag, which is set to 'TLS' by default.
    Note: This setting also allows for SSLv3.
  4. Add the argument 'sslEnabledProtocols=”TLSv1”' as seen in the example below, to prevent SSL from being used.
  5. Save the 'server.xml' file and change the file to 'read-only' to prevent other tools from modifying or reverting this change.
  6. Start the Web Service in the service management tool. 
  7. Test this configuration change by accessing the SMOSS management interface using a browser with only SSLv3 enabled - a successful result will be a failed connection.

Additional Information




Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support