Hi,

Thang Tran wrote:
> what have I to do if I want to avoid the old SSLv2. Can someone give me am
> example how I have to configure an apache server for using SSLv3 only?

exclude it from SSLCipherSuite in your httpd.conf, something like:

SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXP:!eNULL

!SSLv2 means: No SSLv2.

HTH
Jan
-- 
Jan Klever (PKI Team), Phone +49 40 808077-619

DFN-CERT Services GmbH, https://www.dfn-cert.de,  Phone  +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805,  Ust-IdNr.:  DE 232129737
Heidenkampsweg 41, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to