Hi,
I've noticed that my Apache server seems to accept SSLv2 connections even
though they are supposed to be disabled. From the mod_ssl.conf:
# SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect. Disable SSLv2 access by default:
SSLProtocol a
Hello,
Have a try with restarting apache service, otherwise add the following lines
to the Virtual Host configuration
SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL
restart the apache service and have a try...
On 21 May 2010 17:45, Dennis J. wrote:
> Hi,
> I
Hi,
Doesn't work. I added the lines to the virtual host and restartet Apache
but I can still connect with SSLv2:
openssl s_client -ssl2 -connect SERVERNAME:443
...
New, SSLv2, Cipher is DES-CBC3-MD5
...
Regards,
Dennis
On 05/22/2010 11:44 AM, Sakthi Esakiappan wrote:
Hello,
Have a try wi
On Sun, May 23, 2010 at 8:01 PM, Dennis J. wrote:
> Hi,
> Doesn't work. I added the lines to the virtual host and restartet Apache but
> I can still connect with SSLv2:
>
> openssl s_client -ssl2 -connect SERVERNAME:443
>
Sure you're hitting the virtualhost you're configuring?
--
Eric Covener
c
Which version of apache do u use...
On 24 May 2010 07:06, Eric Covener wrote:
> On Sun, May 23, 2010 at 8:01 PM, Dennis J. wrote:
> > Hi,
> > Doesn't work. I added the lines to the virtual host and restartet Apache
> but
> > I can still connect with SSLv2:
> >
> > openssl s_client -ssl2 -connec