Re: Disabling sslv2 on linux for port 636.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Nigel.
I am editing /opt/ABC/CCR/Apache2/conf/ssl.conf   file.






On Tue, Jun 2, 2009 at 8:04 PM, Nigel Wade <nmw@xxxxxxxxxxxx> wrote:

> Rohit khaladkar wrote:
>
>> Hi All,I want to disable ssl2 on a linux server for Port 636. Here is the
>> procedure that I followed :
>>
>> 1)Edit ssl.conf and added following entries in it .
>>
>> SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
>> SSLProtocol -All +SSLv3 +TLSv1
>>
>> 2)Restarted Apache service.
>>
>> 3)Restarted network.
>>
>> I checked if ssl2 is disabled using the following command :
>>
>> openssl s_client -connect hostname:636 -ssl2
>>
>> where hostname= server name
>>
>> But it still shows me the certificate. I even tried rebooting the machine
>> ,
>> but no luck.
>>
>> Am I missing anything here?.
>>
>>
> Port 636 is normally the ldaps port, ie. SSL encrypted LDAP. Are you really
> listening on that port with Apache? Which ssl.conf did you edit, a full path
> would be rather more specific than just a filename?
>
> Maybe you want to replace 636 with 443 (https) as the openssl request port.
>
> --
> Nigel Wade, System Administrator, Space Plasma Physics Group,
>            University of Leicester, Leicester, LE1 7RH, UK
> E-mail :    nmw@xxxxxxxxxxxx
> Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>



-- 
Thanks!
Rohit Khaladkar
-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux