Which SSL protocols to allow for client HTTPS/SSL connections when
walking or performing results authorization, i.e. for connections from
the Search Appliance to remote https:// URLs. The default is to leave
SSLv2 and SSLv3 disabled, as these are known to be
vulnerable to attacks.
Sometimes a walker's connection fails at (or soon after) the SSL
negotiation, possibly with the error message "Missing HTTP
response line in reply from ...". This may be due to settings on
the remote server that disallow certain SSL protocols - yet those
protocols were enabled under SSL Client Protocols (e.g. for
legacy reasons). In such cases, disabling various SSL protocols may
enable the connection to succeed.
Note that support for some (e.g. vulnerable) protocols may end in some
the Search Appliance versions, depending on the concurrent OpenSSL libs'
support: e.g. SSLv2 is no longer supported in OpenSSL 1.1.0 and later.
Note: To change the server-side SSL protocols accepted by
the Search Appliance - e.g. for admin, search, Dataload etc. - see
HTTPS/SSL Protocols under System Wide Settings.