Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

Webconfigurator ssl version

Richard-Laudan
Occasional Visitor

Webconfigurator ssl version

Dear HP Team,

 

The latest Firmware for "HP 1920-48G Switch JG927A" is "5.20.99 Release 1107" which only supports sslv3.

Chrome AND Firefox 40.0.3 wont allow any connection to the webconfigurator, since sslv3 is very vulnerable.

will there be an upgrade for the SSL Protocol  used for the webconfigurator? Is there any workaround?

2 REPLIES
tom96fl
Occasional Visitor

Re: Webconfigurator ssl version

Since you won´t get any answer in here the best way would be that you simple open a support request. I did the same in June because I had questions about how to configure SSL and SSH regarding supported ciphers, MACs and so on. Actually for the 1910 series but since the 1920 is the successor and they managed not to change any settings if I take a look at the manual and CLI references ... also the 1950 still lacks a lot of configuration options.

Sadly my request was closed very quickly since my devices had no warranty anymore but thats not a question about one device it affects basically every single one. They just said they will hand it over to someone else and of course nothing happened.

If you open a new request you could reference to my request which has the case number 4651763275. I had requested a few more configuration changes based on results of a vulnerability scan.

Hopefully you have more luck.

tension83
Occasional Visitor

Re: Webconfigurator ssl version

You can disable SSL version 3.0 after restart ssl use tls version 1.0 how can you do this:

1. login using telnet or ssh

2. Use this command to show full comandline / _cmdline-mode on /

3.Use this password / Jinhua1920unauthorized /

4.Use this command / system-view /

5.Use this command / ssl version ssl3.0 disable /

6.Reboot the switch

Best Regards,

Stefan