You can check your site at Qualys SSL labs: https://www.ssllabs.com/ssltest/analyze.html After analyzing your site you can see for which attacks your site is vulnerable or which weakness is applicable to your site or server certificate. Go check https://wiki.mozilla.org/Security/Server_Side_TLS for the securest configuration for all different types of webservers. For compatibility you can choose your appropriate Ciphersuite (from Modern to Old). From: Sailaja Gadireddy [mailto:sailaja.gadireddy@xxxxxxxxx] Hello Team, As SSLv3 is having POODLE attack, client has initiated to disable and upgrade it to TLSV1. Please do let me know how do we do that and how to check on impact on application after disabling it. How we can check from client side if they are having SSLV3 or TLSV1. What are the pre-requisites for disabling SSLV3? Please do let me know for further details. Thanks & Regards, Sailaja. |
|