On Sun, Apr 29, 2012 at 10:40 PM, Mike Hoy <mho...@gmail.com> wrote: > We use McAfee to scan our website for vulnerabilities. They claim the > following: >> >> Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. >> Configure SSL/TLS servers to only support cipher suites that do not use >> block ciphers. Apply patches if available.
What kind of crazy advice is this? > > I ran #openssl version and it says we are using OpenSSL 0.9.8e-fips-rhel5 01 > Jul 2008. > > Do we need to upgrade our OpenSSL to upgrade our TLS/SSL server? Sorry if > the question is way off-base but I am not a system administrator normally. > This is new to me. We use CentOS and #yum install openssl claims it is > already at the higest version. Any suggestions appreciated. > > Thanks, > > -- > Mike Hoy ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
