User Tools

Site Tools


ssl_poodle

To resolve poodle vulnerability please add the following to the virtual host:

        #resolve poodle vulnerability 
        SSLHonorCipherOrder on
        SSLProtocol ALL -SSLv2 -SSLv3
        SSLCipherSuite EECDH+AESGCM:EECDH+AES256:EECDH+AES128:EECDH+3DES:EDH+AES:RSA+AESGCM:RSA+AES:RSA+3DES:!ECDSA:!NULL:!MD5:!DSS
And to allow this globally please add in the /etc/httpd/conf.d/ssl.conf file:
SSLProtocol -all -SSLv2 -SSLv3 +TLSv1

ssl_poodle.txt · Last modified: 2024/05/23 07:26 by 127.0.0.1

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki