I'm not sure how this is handled by Apache Directory, but usually there
are 2 different settings you mustn't confuse:
CipherSuite selects the available /ciphers/; there are a lot of "SSL3"
ciphers that are still okay to use. If you disable all of them, it's
quite possible that clients can't connect anymore.
Try "openssl ciphers -v SSLv3" to get a list.
There should also be another setting to control the minimum protocol
level ("olcTLSProtocolMin" for OpenLDAP, "SSLProtocol" for Apache
httpd). This allows you to disable e.g. SSLv3 and below, it is the one
you need to change!
hth, cheers,
--
Infineon Technologies IT-Services GmbH [email protected]
Lakeside B05, 9020 Klagenfurt, Austria Martin Schuster
FB: LG Klagenfurt, FN 246787y +43 5 1777 3517
