* [gentoo-user] disable SSLv3 in apache2?
@ 2014-08-09 18:59 Grant
2014-08-09 22:29 ` staticsafe
0 siblings, 1 reply; 4+ messages in thread
From: Grant @ 2014-08-09 18:59 UTC (permalink / raw
To: Gentoo mailing list
I recently upgraded from apache-2.2.27 to apache-2.2.27-r4 and
etc-update wanted to add the following directive to the default SSL
vhost:
SSLProtocol ALL -SSLv2 -SSLv3
I had already disabled SSLv2 (security issue?) but this also disables
SSLv3. Could that cause a compatibility issue?
- Grant
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] disable SSLv3 in apache2?
2014-08-09 18:59 [gentoo-user] disable SSLv3 in apache2? Grant
@ 2014-08-09 22:29 ` staticsafe
2014-08-10 15:01 ` Grant
0 siblings, 1 reply; 4+ messages in thread
From: staticsafe @ 2014-08-09 22:29 UTC (permalink / raw
To: gentoo-user
On 8/9/2014 14:59, Grant wrote:
> I recently upgraded from apache-2.2.27 to apache-2.2.27-r4 and
> etc-update wanted to add the following directive to the default SSL
> vhost:
>
> SSLProtocol ALL -SSLv2 -SSLv3
>
> I had already disabled SSLv2 (security issue?) but this also disables
> SSLv3. Could that cause a compatibility issue?
>
> - Grant
>
You can use something like Qualys SSL Labs[0] to test if anything breaks.
https://www.ssllabs.com/ssltest/index.html
--
staticsafe
XMPP - staticsafe@jabber.org
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] disable SSLv3 in apache2?
2014-08-09 22:29 ` staticsafe
@ 2014-08-10 15:01 ` Grant
2014-08-12 0:38 ` Michael Orlitzky
0 siblings, 1 reply; 4+ messages in thread
From: Grant @ 2014-08-10 15:01 UTC (permalink / raw
To: Gentoo mailing list
>> I recently upgraded from apache-2.2.27 to apache-2.2.27-r4 and
>> etc-update wanted to add the following directive to the default SSL
>> vhost:
>>
>> SSLProtocol ALL -SSLv2 -SSLv3
>>
>> I had already disabled SSLv2 (security issue?) but this also disables
>> SSLv3. Could that cause a compatibility issue?
>>
>> - Grant
>>
>
> You can use something like Qualys SSL Labs[0] to test if anything breaks.
>
> https://www.ssllabs.com/ssltest/index.html
Isn't it a browser compatibility issue though? Are there browsers out
there that support SSLv3 but not TLS?
- Grant
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] disable SSLv3 in apache2?
2014-08-10 15:01 ` Grant
@ 2014-08-12 0:38 ` Michael Orlitzky
0 siblings, 0 replies; 4+ messages in thread
From: Michael Orlitzky @ 2014-08-12 0:38 UTC (permalink / raw
To: gentoo-user
On 08/10/2014 11:01 AM, Grant wrote:
>>> I recently upgraded from apache-2.2.27 to apache-2.2.27-r4 and
>>> etc-update wanted to add the following directive to the default SSL
>>> vhost:
>>>
>>> SSLProtocol ALL -SSLv2 -SSLv3
>>>
>
> Isn't it a browser compatibility issue though? Are there browsers out
> there that support SSLv3 but not TLS?
>
IE6 on Windows <= XP. TLSv1 is technically supported, but it's disabled
by default.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-08-12 0:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-09 18:59 [gentoo-user] disable SSLv3 in apache2? Grant
2014-08-09 22:29 ` staticsafe
2014-08-10 15:01 ` Grant
2014-08-12 0:38 ` Michael Orlitzky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox