Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Serv-U - Knowledgebase Articles > Why is SSLv3 and SSLv2 disabled in Serv-U

Why is SSLv3 and SSLv2 disabled in Serv-U

Table of contents

Updated April 26, 2017


This article provides information on why Serv-U disabled the support for Secure Socket Layer (SSL) versions 2 and 3.


Serv-U 15.1.1 and later


Serv-U 15.1.1 and later versions do not support SSL v2 and SSL v3. This is for all new and existing installations. 

Only Transport Layer Security (TLS) is supported when negotiating a secure channel with Serv-U through FTPS or HTTPS.

SSL v2 and SSL v3 are disabled due to a recent vulnerability. 

  • SSL v2 has conditions that test the security of a channel. A number of security scanning software recommend disabling SSL v2. 
  • SSL v3 is not FIPS compliant and is replaced by TLS. Most client applications that support  SSL v3 also support TLS v 1.0. There is POODLE vulnerability in SSL v3.


There are no changes or issues in disabling SSL v2 or v3. Modern browsers and FTP clients already support TLSv1.0.

Legacy applications and hardware that never added support for TLSv1.0 are mostly affected by disabling SSL v2 or v3. Applications will be unable to negotiate an SSL connection with Serv-U until SSLv3 is re-enabled.

See the references for more information:

(© 2017 Google Security Blog, available at, obtained on April 26, 2017). 


Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.



Last modified