Hi, This enables the cipherstring-group SSLv3, not the protocol. To see if the protocol is used, test with e.g. sslyze or openssl s_client -ssl3 -connect example.com:443
Sebastian On 03/02/2016 03:33 PM, Martin wrote: > Hi, > > For httpd the spec says > > SSLCipherSuite > 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA' > > where it is the :+SSLv3: part that to me looks like it is enabled despite the > > SSLProtocol All -SSLv2 -SSLv3 > > > Can anyone tell me, if :+SSLv3: really should be there? > > Best regards, > Martin > _______________________________________________ > Ach mailing list > [email protected] > http://lists.cert.at/cgi-bin/mailman/listinfo/ach > > -- > python programming - mail server - photo - video - https://sebix.at > cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
