On 10/21/2014 04:57 PM, li...@benjamindsmith.com wrote:
> So, with all the hubbub around POODLE and ssl, we're preparing a new load
> balancer using HAProxy.
>
> So we have a set of unit tests written using PHPUnit, having trouble
> validating certificates. How do you test/validate an SSL cert for a prototype
> "foo.com" server if it's not actually active at the IP address that matches
> DNS for foo.com?
>
> For non-ssl sites, I can specify the url like http://1.2.3.4/path and pass an
> explicit "host: foo.com" http header but that fails for SSL certificate
> validation.
>
> You can also set a hosts file entry, but that's also rather painful. Is there
> a
> better option?
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
I just disabled SSLv3 altogether on my server and just use TLS. On my
site I only use TLS 1.2 and not earlier versions or SSL so I was never
affected by POODLE.
--
Travis Kendrick
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos