Adobe Connect User Community
Menu

#1 2014-10-16 12:36:43

anhyzer

Adobe Connect and POODLE SSLv3 thoughts?

Any thoughts on the effects of disabling SSLv3 on the F5 load balancer in front of our Connect servers? I believe Flash Player has supported TLS since version 11 and Connect requires Flash Player 11.2 so I'm guessing we won't really see any impact, but I'm interested to hear opinions.

A Google search revealed this blurb that seems to indicate that Adobe posted something to their Support Blog concerning POODLE yesterday, but the link this article gives to the Support Blog is not valid and I can't find anything by searching the Blog:

http://www.aotg.com/index.php?page=list … &page_no=5

Thanks.
--Chris

Offline

#2 2014-10-16 13:14:21

Jorma_at_CoSo

Re: Adobe Connect and POODLE SSLv3 thoughts?

There is a cached version of the article here: http://webcache.googleusercontent.com/s … ctsupport/

However it appears that the actual post has been taken down from the Connect Support blog. This may be because the information was incorrect or not fully vetted. Not sure if there is a good way to reach out to Frank about this, other than maybe a comment on one of his other posts. I'll see if I can get any input about it from him.

Offline

#3 2014-10-16 14:01:29

Jorma_at_CoSo

Re: Adobe Connect and POODLE SSLv3 thoughts?

There is a revised SSL Tech Note coming out soon, once it is available I will post the link here.

Offline

#4 2014-10-16 16:38:39

Jorma_at_CoSo

Re: Adobe Connect and POODLE SSLv3 thoughts?

Offline

#5 2014-10-20 07:03:07

anhyzer

Re: Adobe Connect and POODLE SSLv3 thoughts?

Thanks for the info, Jorma. The link looks to be an internal Adobe link. Do you know if they'll be making this public?

Thanks.
--Chris

Offline

#6 2014-10-20 09:48:39

Jorma_at_CoSo

Re: Adobe Connect and POODLE SSLv3 thoughts?

Ah, so it was. I updated the link and it appears to be working.

Offline

#7 2014-11-03 09:48:32

cuc1415025531

Re: Adobe Connect and POODLE SSLv3 thoughts?

stunnel 5.06 works for me with
sslVersion = all
options = NO_SSLv2
options = NO_SSLv3
...
# ciphers = ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
ciphers = ALL:!AECDH:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Bye Rolf

Offline

#8 2015-01-14 02:37:15

dgoeger

Re: Adobe Connect and POODLE SSLv3 thoughts?

In what configuration file you've done this setting?

Offline

#9 2015-01-14 12:09:31

Jorma_at_CoSo

Re: Adobe Connect and POODLE SSLv3 thoughts?

The link earlier in the thread has all the information about where and how to make the modification.

The file is stunnel.conf

Offline

#10 2015-08-06 13:47:30

marcoboldt

Re: Adobe Connect and POODLE SSLv3 thoughts?

Just a note-- In my organization we are now being asked to disable TLS 1.0 on our SSL implementations. However, the addin on Mac does not support TLS 1.1 or 1.2. Therefore, the addin will not start on Macs if you diasble TLS 1.0 on your application server. Hopefully they will add support for TLS 1.1 and 1.2 soon on Macs?

Offline

#11 2016-01-21 10:54:44

andsoria

Re: Adobe Connect and POODLE SSLv3 thoughts?

Recently we have disabled TLS1.0 via the stunnel configuration file and we only support TLS1.1 and TLS1.2. The add in is working for most of the windows users, in our case the add in connects via TLS1.2.

Some users get the message saying 'Loading Adobe Connect' once the add in is launched but it does not go through. This behavior is similar to the experienced with the MAC version of the add-in. For this cases we send back the link to the meeting room with the ?launcher=false code so they can connect to the meeting.

Does anyone know if the security protocol that the add in can use depends on the version of the add in or a setting on the server? My understanding is that it doesn't depend on the browser where it is launched as I have tested with a user.

Last edited by andsoria (2016-01-21 10:56:07)

Offline

#12 2016-03-07 14:45:32

cuc1457379740

Re: Adobe Connect and POODLE SSLv3 thoughts?

We've seen the same problem: it seems to require TLS 1.0 and if you run an SSL query on Adobe's Connect servers you find they also require TLS 1.0. Lack of Meeting Add-in functionality really threw some of our users. We're still tweaking our config to make it work well.

Can someone post or privately share the details of their STUNNEL config?

A.

Offline

Board footer