hi tunist, if you want to test your server for CCS-vuln you might use https://www.ssllabs.com/ssltest/
or the testscript from https://testssl.sh/ when you prefer to test locally. > > though when i run openssl version, i see: OpenSSL 1.0.1e-fips 11 Feb > 2013 not sure why..!? distros backport patched but usually dont ship new versions, thus dont update version-numbers; same here, although this system is fully patched $ openssl version OpenSSL 1.0.1e 11 Feb 2013 Posted at Nginx Forum: http://forum.nginx.org/read.php?2,254144,254148#msg-254148 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
