RE: disabling SSLV2 on server dosent work.

] Sent: Friday, November 04, 2011 3:52 PM To: openssl-users@openssl.org Subject: Re: disabling SSLV2 on server dosent work. On Fri, Nov 4, 2011 at 6:05 AM, Shashidhar RP shashidhar...@hcl.com wrote: HI I disabled SSLv2 on the server. When the client which is capable of SSLV2 and SSLV3 sends

Re: disabling SSLV2 on server dosent work.

On Fri, Nov 4, 2011 at 6:05 AM, Shashidhar RP shashidhar...@hcl.com wrote: HI    I disabled SSLv2 on the server. When the client which is capable of SSLV2   and SSLV3 sends the hand shake, client sends first V2 hello rt So the server is not capable of handling V2 packet as SSLV2 is

Re: Disabling SSLv2

On Sat, Sep 3, 2011 at 7:16 AM, Michael S. Zick open...@morethan.org wrote: On Fri September 2 2011, Michael B Allen wrote: On Fri, Sep 2, 2011 at 4:07 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Coda Highland wrote: Well I was hoping there was some kind of

Re: Disabling SSLv2

On Mon September 5 2011, Michael B Allen wrote: On Sat, Sep 3, 2011 at 7:16 AM, Michael S. Zick open...@morethan.org wrote: On Fri September 2 2011, Michael B Allen wrote: On Fri, Sep 2, 2011 at 4:07 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Coda Highland

Re: Disabling SSLv2

On Fri, Sep 2, 2011 at 1:07 PM, Dr. Stephen Henson st...@openssl.org wrote: Actually you can't. Applications generaally have their own way of setting the cipherlist or just rely on the default value and don't allow it to be changed at all. Would this be worth adding environment variables

Re: Disabling SSLv2

On Fri September 2 2011, Michael B Allen wrote: On Fri, Sep 2, 2011 at 4:07 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Coda Highland wrote: Well I was hoping there was some kind of global configuration file directive that would affect the behavior of the

Re: Disabling SSLv2

On Fri, Sep 02, 2011, Michael B Allen wrote: Hello, Is there a way to disable SSLv2 system-wide (assuming non-static linking)? I am trying to get a CentOS 5.6 system to pass a PCI credit card processing certification and the scanning company blindly flags SSLv2 as non-compliant. Rather

Re: Disabling SSLv2

On Fri, Sep 2, 2011 at 2:09 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Michael B Allen wrote: Hello, Is there a way to disable SSLv2 system-wide (assuming non-static linking)? I am trying to get a CentOS 5.6 system to pass a PCI credit card processing

Re: Disabling SSLv2

Well I was hoping there was some kind of global configuration file directive that would affect the behavior of the openssl library and at least everything dynamically linked with it. But based on your answer it's fairly clear that there is no such option. He said that for OpenSSL 1.0.0 that

Re: Disabling SSLv2

On Fri September 2 2011, Michael B Allen wrote: On Fri, Sep 2, 2011 at 2:09 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Michael B Allen wrote: Hello, Is there a way to disable SSLv2 system-wide (assuming non-static linking)? I am trying to get a CentOS 5.6

Re: Disabling SSLv2

On Fri, Sep 02, 2011, Coda Highland wrote: Well I was hoping there was some kind of global configuration file directive that would affect the behavior of the openssl library and at least everything dynamically linked with it. But based on your answer it's fairly clear that there is no

Re: Disabling SSLv2

On Fri, Sep 2, 2011 at 4:07 PM, Dr. Stephen Henson st...@openssl.org wrote: On Fri, Sep 02, 2011, Coda Highland wrote: Well I was hoping there was some kind of global configuration file directive that would affect the behavior of the openssl library and at least everything dynamically