Re: mod_ssl, poodle and SSLv2Hello

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Oct 17, 2014 at 1:49 PM, Matthew Hughes <hughes.matt@xxxxxxxxx> wrote:
Many SSL clients, notably JDK 6, use the SSLv2Hello protocol to handshake with the server.  Using this protocol does *not* mean you are using SSL 2.0 or 3.0 for that matter; it is merely a handshake to determine *which* protocol to use.  [http://tools.ietf.org/html/rfc5246#appendix-E.2]

However, in Apache, if you disable SSLv3 support, this apparently removes support for the SSLv2Hello protocol.  Apache Tomcat has explicit support for SSLv2Hello; that is, you can enable that, but not enable SSLv3.

Is there any way to do this in Apache?

not at the present time; this is being discussed currently on the dev@httpd mailing list  

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




--
Born in Roswell... married an alien...
http://emptyhammock.com/

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux