On 8/8/16, 10:32 AM, Coty Sutherland wrote:
So you've already mitigated POODLE and the scanner is just complaining about your TLS version.
Or SSLLabs isn't actually checking to see if it can connect via SSLv3:
At present, SSL Labs has the following limitations: In general, cipher suite support is done using only the best-supported server protocol. This means that SSL Labs might not show all supported suites when used against servers that enable different cipher suites depending on the best protocol version offered by the client. In practice, SSL Labs has additional tests for BEAST (done with SSL 3 and TLS 1) and obsolete suites (done with the oldest supported protocol except SSL 2); this means that it will catch all suites in the majority of cases. A future SSL Labs version will test cipher suites separately for each supported protocol.
Is there another test service I could try? -- JHHL --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
