On Thu, Mar 06, 2008 at 10:38:32AM +0100, Mario victor-oscar wrote: > With Openssl, i noticed that SSLv2 and some ciphers are on. > To restrict the SSLv2 protocol via Openssl, how can i do that ? >
Look at the cipher section of the openssl docu. SSL_CIPHER=SSLv3 should do the trick and disallow SSLv2. e.g. echo SSLv3 > /var/qmail/boot/qmail-pop3d-ssl/env/SSL_CIPHER -- :wq Claudio > > 2008/3/6, Claudio Jeker <[EMAIL PROTECTED]>: > > > > On Thu, Mar 06, 2008 at 09:11:51AM +0900, UEDA Hiroyuki wrote: > > > Hello, > > > > > > > > > Though I don't know if tcpserver with Andre's patch, you can restrict > > > SSL/TLS protocols etc. with sslserver in ucspi-ssl packages. > > > > > > > > > Actually our tcpserver-ssl patch honors the SSL_CIPHER environment > > variable. You should be able to restrict the SSL/TLS protocols that way. > > > > > > -- > > :wq Claudio > > > >
