6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Self-Hosted Web API 2 (OWIN) & SSL 3 POODLE?\",\"text\":\"

Was just wondering if self-hosted WebAPI applications are affected by the POODLE attack. We are using netsh to configure SSLCERT with our Web API 2 applications. Is there a way to disable SSLv3?

\\n\\n

Thanks.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"qmo\"},\"upvoteCount\":1,\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

\\n
Please see “Disable SSL 3.0 in Windows” here: https://technet.microsoft.com/library/security/3009008
\\n

\\n\\n

Source: https://katanaproject.codeplex.com/discussions/571293

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"qmo\"},\"upvoteCount\":0}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","ssl",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ssl/1","children":"ssl"}]}],["$","span","asp.net-web-api",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/asp.net-web-api/1","children":"asp.net-web-api"}]}],["$","span","owin",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/owin/1","children":"owin"}]}],["$","span","poodle-attack",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/poodle-attack/1","children":"poodle-attack"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/4f62a655f855319a4ee29b797fa75813?s=256&d=identicon&r=PG","alt":"qmo","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/447698/qmo","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"qmo"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",3198]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Self-Hosted Web API 2 (OWIN) & SSL 3 POODLE?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

Was just wondering if self-hosted WebAPI applications are affected by the POODLE attack. We are using netsh to configure SSLCERT with our Web API 2 applications. Is there a way to disable SSLv3?

\n\n

Thanks.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",698]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",1,")"]}],[["$","div","26743380",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/4f62a655f855319a4ee29b797fa75813?s=256&d=identicon&r=PG","alt":"qmo","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/447698/qmo","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"qmo"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",3198]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

\n
Please see “Disable SSL 3.0 in Windows” here: https://technet.microsoft.com/library/security/3009008
\n

\n\n

Source: https://katanaproject.codeplex.com/discussions/571293

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","18443181",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/18443181","className":"text-blue-600 hover:underline","children":"Configuring SSL on ASP.NET Self-Hosted Web API"}]}],["$","li","50992488",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/50992488","className":"text-blue-600 hover:underline","children":"Anyway to restrict Owin HTTPS to TLS 1.2?"}]}],["$","li","49091730",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/49091730","className":"text-blue-600 hover:underline","children":"Create SSL endpoint on port 443 for self-hosted OWIN listener"}]}],["$","li","48556812",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/48556812","className":"text-blue-600 hover:underline","children":"Owin OAuth HTTPS Rest webservice"}]}],["$","li","48201847",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/48201847","className":"text-blue-600 hover:underline","children":"How to run self-hosted(owin based) web api on IIS?"}]}],["$","li","46016935",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/46016935","className":"text-blue-600 hover:underline","children":"Web-api security: SSL?"}]}],["$","li","32080694",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/32080694","className":"text-blue-600 hover:underline","children":"WebApi with OWIN SelfHost and Windows Authentication"}]}],["$","li","44551590",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/44551590","className":"text-blue-600 hover:underline","children":".net webapi self hosted ssl"}]}],["$","li","15906676",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/15906676","className":"text-blue-600 hover:underline","children":"Use SSL with Self hosted WebAPI on client side"}]}],["$","li","36808787",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/36808787","className":"text-blue-600 hover:underline","children":"Consuming WebApi Self Host over SSL/TLS"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Self-Hosted Web API 2 (OWIN) &amp; SSL 3 POODLE?

Answers (1)

Related Questions

Self-Hosted Web API 2 (OWIN) & SSL 3 POODLE?