[Ach] Looks like SSLv3 is enabled for httpd in spec?
Martin
rc6encrypted at gmail.com
Wed Mar 2 15:33:29 CET 2016
Hi,
For httpd the spec says
SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA'
where it is the :+SSLv3: part that to me looks like it is enabled despite the
SSLProtocol All -SSLv2 -SSLv3
Can anyone tell me, if :+SSLv3: really should be there?
Best regards,
Martin
More information about the Ach
mailing list