Disable outbound SSLv2/SSLv3 connections [Updated in Security Center 1.3]
Use the glide.outbound.sslv3.disabled property to force the MID Server to use TLS when making outbound connections, such as REST and SOAP requests. Normally, outbound connections from an instance are forced to use TLS instead of SSL.
More information
| Attribute | Description |
|---|---|
| Property name | glide.outbound.sslv3.disabled |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | Communications |
| Purpose | To enforce the use if TLS during all outbound connections from ServiceNow instance. |
| Recommended value | true |
| Default value | false 중요사항: The value for the glide.outbound.sslv3.disabled property is a safe override and cannot be altered once changed. |
| Security risk rating | 6.5 |
| Functional impact | This remediation enforces the usage of TLS protocol version when communicating on HTTPS. If there are devices that customer/users of the instance are using that do not support TLS communication, there may be a potential outage. |
| Security risk | (Moderate) Legacy versions of SSL were proven to be insecure when utilized for HTTP secure shell implementation, due to client-side attacks, including BEAST and SSL heart-bleed. |
To learn more about adding or creating a system property, see Add a system property.