Why does the server offers sslv3 when I Only enable SSLv3 :-s
SSL_PROTOCOL SSLv3 From: Eric Covener <cove...@gmail.com> To: users@httpd.apache.org Cc: Christopher Schultz <ch...@christopherschultz.net> Date: 10/02/2017 13:48 Subject: Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled On Fri, Feb 10, 2017 at 3:29 AM, Sven Crul <sven.c...@belmedis.be> wrote: I cannot get the server to offer SSLV3 when TLS is enabled (Any TLS ) when I do ssl protocol SSLv3 then sslv3 works but from the moment I add TLS , SSLv3 no longer works Debian compiles openssl w/o SSLv3 support. You'll need to build and link with your own openssl if you want dangerous protocols re-enabled. http://http.debian.net/debian/pool/main/o/openssl/openssl_1.1.0c-2.debian.tar.xz rules: CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$ (DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 no-zlib no-ssl3 enable-unit-test no-ssl3-method enable-rfc3779 enable-cms