Applications Manager not hurt by Heartbleed

Applications Manager not hurt by Heartbleed

You do not have to worry about the Heartbleed security flaw when using Applications Manager. Applications Manager is not affected by heartbleed.

Most of our underlying modules use Tomcat web server where BIO and NIO connectors are used.  These connectors use the JSSE SSL whereas the APR/native connector uses OpenSSL.  None of the underlying Applications Manager modules use the APR/native connector. 

Though Applications Manager uses a self-signed SSL certificate for HTTPS mode of accessibility, these SSL certificates were created using java keytool and not OpenSSL. We also recommend customers to use java keytool to implement their domain SSL certificate.

We tested an Applications Manager installation just to confirm we are not affected. Here is what the results show:



To verify your Applications Manager installation, use  http://filippo.io/Heartbleed/

Feel free to contact us for any questions or clarifications.

      • Topic Participants

      • BArun

              New to ADManager Plus?

                New to ADSelfService Plus?