Re: SSL protocol limits ignored?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: SSL protocol limits ignored?
From: Sakthi Esakiappan <sakthi.esakiappan@xxxxxxxxxxxxxxxx>
Date: Sat, 22 May 2010 15:14:28 +0530
In-reply-to: <4BF67974.9010202@xxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

Hello,

Have a try with restarting apache service, otherwise add the following lines to the Virtual Host configuration

SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL

restart the apache service and have a try...

On 21 May 2010 17:45, Dennis J. <dennisml@xxxxxxxxxxxx> wrote:

Hi,
I've noticed that my Apache server seems to accept SSLv2 connections even though they are supposed to be disabled. From the mod_ssl.conf:

# SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect. Disable SSLv2 access by default:
SSLProtocol all -SSLv2

I also tried the following in a global context:
SSLProtocol -all +SSLv3 +TLSv1

Still I can connect using SSLv2. I grepped through the config directories but these are the only instances of this directive so I'm not sure why the configuration doesn't apply. Any ideas?

Regards,
Dennis

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

--
With Regards,
Sakthi Esakiappan.M
Server Administrator

MercuryMinds Technologies Pvt Ltd
www.mercuryminds.com "An E-Commerce mentor"
+91 44 45588587
sakthi.esakiappan@xxxxxxxxxxxxxxxx
www.mercuryminds.com

Disclaimer: This message is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this message in error, you are hereby notified that we do not consent to any reading, dissemination, distribution or copying of this message. If you have received this communication in error, please notify the sender immediately and destroy the transmitted information.

Follow-Ups:
- Re: SSL protocol limits ignored?
  - From: Dennis J.

References:
- SSL protocol limits ignored?
  - From: Dennis J.

Prev by Date: Re: Re: Virtual Directory tree for ftp access
Next by Date: Re: mod_rewrite/mod_ssl questions
Previous by thread: SSL protocol limits ignored?
Next by thread: Re: SSL protocol limits ignored?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux