I’ve web server and Nessus security scan reports that SSLv2 is not good enough for my web server. What have you need to do, to disable SSLv2 and enable SSLv3 or TLSv1. It’s really easy, you need only to change your main ssl.conf configuration file:
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
Now you can try to make connection from command prompt:
openssl s_client –ssl2 –connect virtualhost:443
Make sure you get error in this one and fine output on those below.
openssl s_client –ssl3 –connect virtualhost:443
openssl s_client –tls1 –connect virtualhost:443
Configuration file is in /etc/httpd/conf.d on RedHat Linux and clones and in /etc/apache2/conf.d on SuSE Linux. You must restart Apache web server after making changes.