SSLProtocol -ALL +SSLv3 +TLSv1
If pound doesn't support something similar, can it be added? -- To unsubscribe send an email with subject unsubscribe to [EMAIL PROTECTED] Please contact [EMAIL PROTECTED] for questions.
Is there a way to disable SSLv2 for HTTPS requests in pound? Pound is
using SSLv23_server_method() to create a new SSL_CTX object, but I don't
see any other calls to disable SSLv2.
In apache, I can specify the following options to allow SSLv3 and TSLv1
only:
- [Pound Mailing List] Disabling SSLv2 Albert
- Re: [Pound Mailing List] Disabling SSLv2 Ondra Kudlik
- [Pound Mailing List] Disabling SSLv2 Robert Hicks
- RE: [Pound Mailing List] Disabling SSLv2 Joe Gooch
- RE: [Pound Mailing List] Disabling SSLv2 Joe Gooch
- [Pound Mailing List] Disabling SSLv2 Karl Rossing
- Re: [Pound Mailing List] Disabling SSLv2 Christian Hailer
- Re: [Pound Mailing List] Disabling SSLv2 Karl Rossing
- Re: [Pound Mailing List] Disabling SSLv2 Xan Charbonnet
