Dear all,
I am trying to disable SSLv3 on perdition 2.0-1.x86_64
It is running in a RHEL 6.5 clone and it was compiled with the SPEC files.
In theory, I should apply the following configuration but it also
disables TLSv1 and TLSv1.1, being TLSv1.2 still available.
---
ssl_listen_ciphers "ALL:!SSLv2:!SSLv3"
---
I don't know much about cryptography but I
guess it makes sense because I obtain the same result in all my
boxes (RHEL 6.5 , Fedora and FreeBSD 10) when I execute:
openssl ciphers -v 'ALL:!SSLv2:!SSLv3'
What would be the best way to disable SSLv2 and SSLv3 for incoming and
outgoing connections?
Regards,
Xavier Garcia