In the nambkup folder, open the NovellAgSettings.conf file from the mag <time stamp of upgrade>/conf folder.
Search for SSL Protocol and copy the value associated with it.
Click Devices > Access Gateways > Edit > Advanced Options and replace the following configuration with the value copied in NovellAgSettings.conf in step 2:
SSLProtocol TLSv1.1 +TLSv1.2
In the nambkup folder, open the NovellAgSettings.conf file from the mag <time stamp of upgrade>/conf folder.
Search for SSL and copy the value
Click Devices > Access Gateways > Edit > Advanced Options and replace the following configuration with the value copied in NovellAgSettings.conf in step 2:
SSLCipherSuite !aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:ALL:!EDH
If NovellAgSettings.conf does not contain this line, delete this line in Access Gateway Advanced Options.
In the /opt/novell/nesp/lib/webapp/WEB-INF/web.xml file, comment out the following tomcat filter configuration:
<filter> <filter-name>TomcatSameOriginFilter</filter-name> <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> <init-param> <param-name>antiClickJackingOption</param-name> <param-value>SAMEORIGIN</param-value> </init-param> </filter> <filter-mapping> <filter-name>TomcatSameOriginFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
Restart ESP by running the following command:
Linux: /etc/init.d/novell-mag restart OR rcnovell-mag restart
Windows: net stop Tomcat8
net start Tocmat8
NOTE:You can also restart ESP through Administration Console. Select the cluster node > Action > Service Provider > Restart Service Provider.
Click Devices > Access Gateways > Edit > Advanced Options.
Set the following option:
SetStrictTransportSecurity off
Restart Apache.
Linux: /etc/init.d/novell-apache2 restart OR rcnovell-apache2 restart
Windows: net stop apache2.2
net start apache2.2