On Wed, Mar 11, 2015 at 12:03:01PM -0400, James B. Byrne wrote: > Can anyone inform me as to whether or not Java on CentOS-6.6 still has > SSLv3 enabled? And if it does then how is it disabled? According to these updates for openjdk java: java-1.6.0-openjdk https://rhn.redhat.com/errata/RHSA-2015-0085.html java-1.7.0-openjdk https://rhn.redhat.com/errata/RHSA-2015-0067.html java-1.8.0-openjdk https://rhn.redhat.com/errata/RHSA-2015-0069.html "Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section." All these announcements were posted to the enterprise-watch-list mailing list: https://www.redhat.com/mailman/listinfo/enterprise-watch-list -- Jonathan Billings <billings at negate.org>