Why does the server offers sslv3 when I Only enable SSLv3 :-s
SSL_PROTOCOL SSLv3
From: Eric Covener <cove...@gmail.com>
To: users@httpd.apache.org
Cc: Christopher Schultz <ch...@christopherschultz.net>
Date: 10/02/2017 13:48
Subject: Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is
enabled
On Fri, Feb 10, 2017 at 3:29 AM, Sven Crul <sven.c...@belmedis.be> wrote:
I cannot get the server to offer SSLV3 when TLS is enabled (Any
TLS ) when I do ssl protocol SSLv3 then sslv3 works but from the
moment I add TLS , SSLv3 no longer works
Debian compiles openssl w/o SSLv3 support. You'll need to build and link
with your own openssl if you want dangerous protocols re-enabled.
http://http.debian.net/debian/pool/main/o/openssl/openssl_1.1.0c-2.debian.tar.xz
rules:
CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$
(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 no-zlib no-ssl3
enable-unit-test no-ssl3-method enable-rfc3779 enable-cms
