Re: Testing "dark" SSL sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tuesday, October 21, 2014 05:02:53 PM Travis Kendrick wrote:
> On 10/21/2014 04:57 PM, lists@xxxxxxxxxxxxxxxxxx wrote:
> > So, with all the hubbub around POODLE and ssl, we're preparing a new load
> > balancer using HAProxy.
> > 
> > So we have a set of unit tests written using PHPUnit, having trouble
> > validating certificates. How do you test/validate an SSL cert for a
> > prototype "foo.com" server if it's not actually active at the IP address
> > that matches DNS for foo.com?
> > 
> > For non-ssl sites, I can specify the url like http://1.2.3.4/path and pass
> > an explicit "host: foo.com" http header but that fails for SSL
> > certificate validation.
> > 
> > You can also set a hosts file entry, but that's also rather painful. Is
> > there a better option?
> > _______________________________________________
> > CentOS mailing list
> > CentOS@xxxxxxxxxx
> > http://lists.centos.org/mailman/listinfo/centos
> 
> I just disabled SSLv3 altogether on my server and just use TLS. On my
> site I only use TLS 1.2 and not earlier versions or SSL so I was never
> affected by POODLE.

As far as I can tell, this comment is not related to the question I asked... 
at all. 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux