Disable SSL v2 in Apache
Hi,
I want to disable SSL v2 in apache on my CentOS 5.2 box (httpd 2.2.3), for that, I've added following lines in my /etc/httpd/conf.d/ssl.conf: Code:
SSLProtocol -All +SSLv3 +TLSv1 but it still not disabled, I'm connecting to SSL v2 and getting error for SSL v3: Code:
# openssl s_client -connect localhost:443 -ssl2 |
I think you want:
Code:
SSLProtocol All -SSLv2 |
Hi anomie, thanks for reply.
Just tried this but no avail. able to connect SSLv2 and getting error while checking for SSLv3. Any other thoughts? Though its intrinsic but how can I confirm that apache reading /etc/httpd/conf.d/ssl.conf? Also checked error log, nothing is there. Thanks, |
FWIW, the directives I posted I'm using successfully with Apache 2.0 + mod_ssl (on RHEL4).
Code:
$ openssl s_client -connect my.host:443 -quiet -ssl2 Code:
BadDirective foo Code:
# apachectl -t |
All times are GMT -5. The time now is 04:12 AM. |