appearently not, we use this build now https://github.com/goochjj/pound/tree/pcidss/v2.6
with this options: DisableSSLv3 Ciphers "!EXPORT:TLSv1.1:TLSv1.2:TLSv1:!SSLv2:!MD5:!aNULL:!NULL:!RC4:RSA:ALL:!LOW" SSLHonorCipherOrder 1 wich gives us an A at qualsys. On Wed, Mar 4, 2015 at 12:28 PM Scott McKeown <[email protected]> wrote: > Hi Pat, > > The same options should be included in the v2.7 branch. > > I'm sure Joe would have included it - the options you would need to add to > your config is 'DisableSSLv3' > > > > On 4 March 2015 at 11:06, Pat Erler <[email protected]> wrote: > >> is there really no way to do this in 2.7? I would like to stay at 2.7, >> now that it is stable.. >> >> On Tue, Mar 3, 2015 at 5:16 PM Scott McKeown <[email protected]> >> wrote: >> >>> Hi OAT, >>> >>> I've found the patch that I think you need for this which I've attached. >>> >>> this is for the v2.6 version though. >>> >>> >>> ~Scott >>> >>> >>> On 3 March 2015 at 15:32, Pat Erler <[email protected]> wrote: >>> >>>> hi, >>>> >>>> we think we stumbled over this problem: http://security. >>>> stackexchange.com/questions/70832/why-doesnt-the-tls- >>>> protocol-work-without-the-sslv3-ciphersuites >>>> >>>> is there a way in pound to disable the SSL3 protocol bt not the SSL3 >>>> cipher suite? >>>> >>>> best, >>>> >>>> OAT >>>> >>> >>> >>> >>> -- >>> With Kind Regards. >>> >>> Scott McKeown >>> Loadbalancer.org >>> http://www.loadbalancer.org >>> Tel (UK) - +44 (0) 3303801064 (24x7) >>> Tel (US) - +1 888.867.9504 (Toll Free)(24x7) >>> >> > > > -- > With Kind Regards. > > Scott McKeown > Loadbalancer.org > http://www.loadbalancer.org > Tel (UK) - +44 (0) 3303801064 (24x7) > Tel (US) - +1 888.867.9504 (Toll Free)(24x7) >
