Hi Gustaf, You're welcome ;-).
I don't upgrade my certificate to get an A+ rating yet. I did use sha1 when I've create my certificates almost 2 years ago and I had to re-create it. I mean, to get an A+ rating, some people (like me) have to re-create certificates using SHA2. Thanks Cesáreo El 18/septiembre/15 a las 15:32, Gustaf Neumann escribió: > Hi Cesáreo, > > thanks for noting! We had this already removed (e.g. on > next-scripting.org, which has a A+ rating), > but it was not yet adapted in the README file. > > -gn > Am 18.09.15 um 20:55 schrieb Cesáreo García Rodicio: >> Hi >> >> To get an A rating in SSLlabs SSL Server Test I had to remove SSLv3 >> (poodle attack[2]) in nssl configuration example [3] >> >> << ns_param protocols "!SSLv2" >> >> ns_param protocols "!SSLv2:!SSLv3" >> >> Regards, >> Cesáreo >> >> [1] https://www.ssllabs.com/ssltest/analyze.html >> [2] >> https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack >> [3] https://bitbucket.org/naviserver/nsssl >> > > > ------------------------------------------------------------------------------ > _______________________________________________ > naviserver-devel mailing list > naviserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/naviserver-devel > ------------------------------------------------------------------------------ _______________________________________________ naviserver-devel mailing list naviserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/naviserver-devel
